15 May
2009
15 May
'09
7:55 p.m.
Gary Kuznitz wrote:
How can I get a god certificate for Stunnel to use? How would I set that up in Stunnel?
You don't really need a certificate for an SSL client. Just disable it.
How can I disable it?
Change: cert = stunnel.pem to: ; cert = stunnel.pem
You rather want to setup server certificate verification with "CAfile" and "verify".
I have un-commented: CAfile = certs.pem verify = 2
You need verify=3.
Do not just uncomment options. Please Read The Fine Manual, first.
That gave me an error: 2009.05.15 12:38:13 LOG3[16278859:16279139]: Error loading verify certificates from certs.pem
Did you download yahoo certificate into certs.pem?
Hint: You can use openssl s_client to download the remote certificate.
Mike