[stunnel-users] Certificate renaming
Vasil Dimov
vd at datamax.bg
Mon Jul 4 07:48:55 CEST 2005
On Mon, Jul 04, 2005 at 10:49:06AM +1000, Paul Jones wrote:
> Hi all,
>
> I understand that in order for Stunnel to find a certificate, it has to be
> renamed to something like xxxxxx.0 (where xxxxxx is obtained by using the
> "openssl x509" command on the certificate).
>
> Why is this the case? I read somewhere that this helps Stunnel find the
> certificate quicker (i.e. Stunnel does not need to look at every
> certificate file before it knows which one it wants).
>
> Can someone provide me a better explanation please?
>
> Is there any way around this? Renaming the certificate file in such a
> manner causes confusion when searching for the certificate of a particular
> client...
>
This is more related to openssl that stunnel. You can use openssl's
c_rehash tool to create the proper symbolic links to all certificates in
a directory.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20050704/a7e056e7/attachment.sig>
More information about the stunnel-users
mailing list