[stunnel-users] FQDN validation and checking within

Michal Trojnara Michal.Trojnara at mobi-com.net
Wed Feb 1 08:52:29 CET 2006


Nagasundaram, Sekhar wrote:
> Given this: what is the best way for Stunnel to make 
> authentication And authorization decisions based on 
> information presented in the Certificate from the peer. My 
> question comes from: how do I do level 3 Checking in a 
> scalable manner when my order of magnitude is in the Thousands...

For huge amount of certificates you should use "verify = 2" and CRLpath (or
CRLfile) to implement revocation of compromised keys.

Best regards,
    Mike




More information about the stunnel-users mailing list