[stunnel-users] Verify=3 restart needed ?
Michal Trojnara
Michal.Trojnara at mobi-com.net
Tue Apr 29 12:12:00 CEST 2008
Edouard Dessioux wrote:
> I wanted to know if the stunnel needs to be restarted
> after a certificates has been removed ?
This is *not* the way X.509 was designed to perform certificate
revocation. Use CRLs or OCSP instead.
Also see:
http://stunnel.mirt.net/pipermail/stunnel-users/2004-December/000192.html
http://en.wikipedia.org/wiki/Certificate_revocation_list
http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
Best regards,
Mike
More information about the stunnel-users
mailing list