Hi ,

I am using Stunnel to protect one of my server. I am able to configure the stunnel properly with the help of stunnel. Now i am trying to use the revocation list concept in the stunnel.

For using the stunnel revocation list i performed the following steps.

1. for generating the CRL file

openssl ca -gencrl -keyfile ca_key -cert ca_crt -out my_crl.pem

2. for revoking the certificates

openssl ca -revoke bad_crt_file -keyfile ca_key -cert ca_crt

The entry specified in the stunnel.conf file is:-

CRLfile = my_crl.pem

Surprisingly the client is still able to connect to the server. Is it the problem in my configuration or it is a bug of stunnel.

Regards,

Piyush

Need a vacation? Get great deals to amazing places on Yahoo! Travel.