[stunnel-users] Certificate renaming

Vasil Dimov vd at datamax.bg
Mon Jul 4 07:48:55 CEST 2005


On Mon, Jul 04, 2005 at 10:49:06AM +1000, Paul Jones wrote:
> Hi all,
> 
> I understand that in order for Stunnel to find a certificate, it has to be 
> renamed to something like xxxxxx.0 (where xxxxxx is obtained by using the 
> "openssl x509" command on the certificate).
> 
> Why is this the case?  I read somewhere that this helps Stunnel find the 
> certificate quicker (i.e. Stunnel does not need to look at every 
> certificate file before it knows which one it wants).
> 
> Can someone provide me a better explanation please?
> 
> Is there any way around this?  Renaming the certificate file in such a 
> manner causes confusion when searching for the certificate of a particular 
> client...
> 

This is more related to openssl that stunnel. You can use openssl's
c_rehash tool to create the proper symbolic links to all certificates in
a directory.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20050704/a7e056e7/attachment.sig>


More information about the stunnel-users mailing list