[stunnel-users] FQDN validation and checking within

[Michal Trojnara]

Nagasundaram, Sekhar wrote:
> Given this: what is the best way for Stunnel to make 
> authentication And authorization decisions based on 
> information presented in the Certificate from the peer. My 
> question comes from: how do I do level 3 Checking in a 
> scalable manner when my order of magnitude is in the Thousands...

For huge amount of certificates you should use "verify = 2" and CRLpath (or
CRLfile) to implement revocation of compromised keys.

Best regards,
    Mike