On Sat, Jan 15, 2011 at 08:50:02PM +0100, Michal Trojnara wrote:
Philipp Hartwig wrote:
My understanding is that stunnel will now exclusively accept the server certificate stored in the imaps.pem file rendering all MITM attacks impossible.
I'd be grateful if someone could confirm that this setup makes sense. Is this the way the verify=3 option is supposed to use?
Yes, this is exactly the way "verify = 3" is supposed to be used.
I've just played around a bit and I'm a bit worried now that I still got the whole concept of "verify = 3" in client mode wrong.
I have created a CA and two different keys/certs for 127.0.0.1 signed by that CA. I've taken the CA cert and the first(!) of the two server certs and plugged them into a file "test.pem". Then I have created a section
[test] accept = 127.0.0.1:4432 connect = 127.0.0.1:4433 CAfile = /home/ph/test.pem verify = 3
in my stunnel.conf and I've started a dummy s_server instance on 127.0.0.1:4433 using the second(!) of the two server certificates.
My expectation was that a $ telnet 127.0.0.1 4332 would fail because the server certificate in test.pem does NOT match the server certificate offered by the server. But to my surprise stunnel will happily establish the connection.
I'd be very grateful if someone could explain this to me. What did I get wrong?