On Fri, 2015-07-03 11:33:40 +0200, Giona Il Profeta wrote:
> Hi all,
> I have inherited an old stunnel installation, configured for mutual authentication (verify=3) and I'm trying to figure out some of the choices of the old sysadmin.
> One of the client certificates in the CApath directory has its private key encrypted with a password.
> Is the client supposed to provide the password to decrypt the key when it connects?

Which CApath?
If it's the one on the client box: Yes, the client is supposed to enter the password when stunnel is started.
If it's the one on the server box: The peer's private key is not used by stunnel, so no, there is no need for the password.
HTH
Ludolf
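
Added example, not part of the original thread: since the reply notes that stunnel on the server never uses the peer's private key, this script audits a CApath directory and reports which PEM files carry private-key blocks and whether those blocks are encrypted. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# classify_pem FILE -> cert-only | key-encrypted | key-plaintext | no-pem
classify_pem() {
    awk '
        # Line after a traditional key header: encrypted keys announce it here.
        pending { if ($0 ~ /^Proc-Type: 4,ENCRYPTED/) enc = 1; else plain = 1; pending = 0 }
        /^-----BEGIN ENCRYPTED PRIVATE KEY-----/  { enc = 1; next }      # PKCS#8, encrypted
        /^-----BEGIN ([A-Z]+ )?PRIVATE KEY-----/ { pending = 1; next }  # PKCS#8 or RSA/EC/DSA
        /^-----BEGIN CERTIFICATE-----/           { cert = 1 }
        END {
            if (pending) plain = 1
            if (plain)     print "key-plaintext"   # worst case wins
            else if (enc)  print "key-encrypted"
            else if (cert) print "cert-only"
            else           print "no-pem"
        }' "$1"
}

# scan_capath DIR -> one "class<TAB>file" line per file; returns 1 if any key is present
scan_capath() {
    dir=$1
    found=0
    for f in "$dir"/*; do
        [ -L "$f" ] && continue      # skip hash symlinks such as those made by c_rehash
        [ -f "$f" ] || continue
        class=$(classify_pem "$f")
        printf '%s\t%s\n' "$class" "${f##*/}"
        case $class in key-*) found=1 ;; esac
    done
    return "$found"
}

# Constructed sample store: placeholder bodies, no real certificates or keys.
make_demo_capath() {
    d=$(mktemp -d) || return 1
    body='CONSTRUCTED-PLACEHOLDER'
    printf '%s\n' '-----BEGIN CERTIFICATE-----' "$body" '-----END CERTIFICATE-----' > "$d/peer-a.pem"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' "$body" '-----END CERTIFICATE-----' \
        '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: AES-256-CBC,0000' '' "$body" '-----END RSA PRIVATE KEY-----' > "$d/peer-b.pem"
    printf '%s\n' '-----BEGIN PRIVATE KEY-----' "$body" '-----END PRIVATE KEY-----' > "$d/peer-c.pem"
    echo "$d"
}

demo=$(make_demo_capath)
scan_capath "$demo" || echo "private-key material found in peer certificate store"
rm -rf "$demo"
```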