3 Oct
2005
3 Oct
'05
11:03 p.m.
Hey guys, I've been using stunnel for a while and it's great. I've noticed something that doesn't make much sense to me though, so I was wondering if you might be able to shed some light.
Stunnel runs as user:group stunnel4:stunnel4. The server reads client certs (for verify = 3) from /etc/stunnel/certs/ which is chown'd root:ssl-certs and chmod'd 750. The client PEMs in that directory have the same ownership and permissions. User stunnel4 is in the ssl-certs group.
When a client connects, the server is unable to read from /etc/stunnel/certs/. If I change the ownership of the directory to root:stunnel4 though, everything works. Any idea why this occurs?
Cheers, Nick