Re: [stunnel-users] Using stunnel to secure clients instead of servers

7 Jan 2015


      On Wed, 2015-01-07 10:11:39 -0500, Leon Smith wrote:
...
Actually,  that may be it,  thank you.    I definitely overlooked this
option when I browsed the man page.   I'll pass on this information to some
interested parties and give them a chance to make it work.    And I'll
probably try this myself at some point soon.
(Incidentally,  it's an HTTP client that doesn't support HTTPS, even though
the server does,  so it appears I'll need protocol=connect and CAfile=...
for certificate pinning as well.)
I don't know your setup, but if there is no proxy involved, you don't
need the 'protocol=...' option.  For certificate pinning, you'll
certainly need 'CAfile=...' or 'CApath=...', and 'verify=LEVEL' with
LEVEL not below 2.
HTH,
Ludolf
-- 

Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
 
Tel: +49 621 33996-0
Fax: +49 621 3392239
 
mailto:lholzheid@bihl-wiedemann.de
http://www.bihl-wiedemann.de
 
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [stunnel-users] Using stunnel to secure clients instead of servers