[stunnel-users] Multiple Host Certificates
Sligar, Benjamin
bsligar at tnsi.com
Thu Mar 16 22:42:19 CET 2006
Is it possible to run one instance of stunnel and have it verify certain ports against different certificates?
For instance:
[listen1 5003]
accept = 5003
connect = 10.61.0.132:7300
[listen2 5008]
accept = 5008
connect = 10.61.0.132:7300
Would it be possible to have listen2 validate on a separate certificate, or will I need to run a second instance of stunnel on my box and have it point to the different certificate? Basically, I want to know if I can set up a different certificate on a per-port basis. I don't see any options in the definition of the listen port where I can specify a different CERT, only the default CERT option at the top of the config file.
Version:
stunnel-4.04
Options
cert = /usr/local/conf/ssl.pem
chroot = /usr/local/stunnel-4.04/var/run/stunnel/
pid = /stunnel.pid
setuid = www
setgid = webgroup
options = NO_SSLv2
ciphers = DES-CBC3-SHA:IDEA-CBC-SHA:RC4-SHA:RC4-MD5:AES256-SHA:AES128-SHA
uname -a
Linux ssl 2.4.7-10 #1 Thu Sep 6 17:27:27 EDT 2001 i686 unknown
gcc -v
Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/2.96/specs
gcc version 2.96 20000731 (Red Hat Linux 7.1 2.96-98)
openssl version
OpenSSL 0.9.6b [engine] 9 Jul 2001