Dan, I use verify = 4 with seven different servers, but it only misbehaves with one of them. There must be some aspect of the certificate that either OpenSSL or Stunnel is having an issue with. Regards, Thomas On 7/11/2013 2:00 AM, dansmith wrote:
Thank you for clarifying. I generated a new self-signed certificate and verify=4 works.
However, when I generate a non-self-signed certificate signed by a third party CA, "verify=4" gives me the same error as in my initial post. It still expects to find CA's certificate together with the server's certificate in CAfile. The description in manpage is:*
level 4* Ignore CA chain and only verify peer certificate.
Apparently the description is inaccurate.
_______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-- Attention: This message and all attachments are private and may contain information that is confidential and privileged. If you received this message in error, please notify the sender by reply email and delete the message immediately.