9 Apr
2011
9 Apr
'11
11:33 a.m.
After looking at the source code I think I understand it: Stunnel does not really compare the peer's certificate with the locally installed certificate but it only compares their subjects.
If my interpretation is correct maybe the documentation of the "verify" option
level 3 - verify peer with locally installed certificate
should state this? At least I was expecting a stricter form of verification.