[stunnel-users] verify server certification is missing

Olivier twist twist_54 at hotmail.com
Tue Jan 17 12:41:00 CET 2006


I think a functionnality is missing in stunnel.
I compare the behaviour of stunnel and apache mod-ssl.

If you have a certificate signed by third party, apache checks the root 
certificate like stunnel do this with -v 1 option but apache don't ask for a 
client certificate, stunnel do this :-(
I think that stunnel should control server certificate chain defined in CA 
file even if option -v 1 is not set !!!

Could you give your opinion? If I use stunnel and not apache it's because I 
have some protocols to handle with ssl and stunnel is a very easy to use 
solution.

Thanks

Oliver





More information about the stunnel-users mailing list