[stunnel-users] using an ocsp

Samuel Landau landau at archos.com
Mon Mar 26 13:15:12 CEST 2007


Hello,

I am using stunnel 4.18 and openca-ocspd 1.5.1. The OCSPd uses a delegate
certificate and the setup works when tested with openssl:

$ openssl ocsp -issuer /home/landau/ssl/cacert.pem -serial 3 -url
http://localhost:2560 -CAfile /home/landau/ssl/cacert.pem
Response verify OK
3: good
        This Update: Mar 23 18:27:37 2007 GMT
        Next Update: Mar 26 10:56:33 2007 GMT

But when it comes to using stunnel, I cannot figure out how to make it use
properly the OCSP. I could see that stunnel 4.19 had more options for ocsp, but
I am unsure this is related to my current issue.

Besides, is there a way to have stunnel fall back on local cert/crl files if the
ocsp server is not available ?

Regards,

-- 
Samuel Landau

____________________________________________________________________________

This  email  and any  files  transmitted  with it are  confidential  and are
intended solely  for the use of the individual  or entity to which  they are
addressed.  Access to this e-mail by anyone else is unauthorised. If you are
not the  intended recipient,  any disclosure,  copying,  distribution or any
action taken or omitted to be taken in reliance on it, is prohibited. E-mail
messages are not necessarily secure.  Archos does not accept  responsibility
for any changes made to this message after it was sent.

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: stunnel4.log
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20070326/8f1db73a/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: stunnel4.conf
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20070326/8f1db73a/attachment-0001.ksh>


More information about the stunnel-users mailing list