[stunnel-users] Verify=3 restart needed ?
jz at ellingtongeologic.com
jz at ellingtongeologic.com
Wed Apr 30 04:50:35 CEST 2008
Good Morning Mike:
I had a question and sent to the list (it might have not gone thru) The question was that: is it possible for stunnel to go to the router, for example, 10.10.1.1, to scan for a port of interest and see whether there is a request thru that port? so the nat router would not have to forward the port to the stunnel of my local machine, e.g. 10.10.1.188, on which stunnel is listening for port 8888 and will relay it to 5631 of the local program.
Thanks
J
----- Original Message ---------------
>Return-Path: <stunnel-users-bounces at mirt.net>
>Received: from linode.mirt.net ([64.22.71.125]) by ellingtongeologic.com for <jz at ellingtongeologic.com>; Tue, 29 Apr 2008 03:13:13 -0700
>Received: from linode.mirt.net (localhost [127.0.0.1])
> by linode.mirt.net (Postfix) with ESMTP id 46BBD1D28A;
> Tue, 29 Apr 2008 12:12:15 +0200 (CEST)
>Received: from linode.mirt.net (localhost [127.0.0.1])
> by linode.mirt.net (Postfix) with ESMTP id 168F81D28E;
> Tue, 29 Apr 2008 12:12:09 +0200 (CEST)
>X-Original-To: stunnel-users at mirt.net
>Delivered-To: stunnel-users at mirt.net
>Received: from linode.mirt.net (localhost [127.0.0.1])
> by linode.mirt.net (Postfix) with ESMTP id 01A0D1D26F
> for <stunnel-users at mirt.net>; Tue, 29 Apr 2008 12:12:01 +0200 (CEST)
>Received: from mike.mirt.net (localhost [127.0.0.1])
> by linode.mirt.net (Postfix) with ESMTP id BE3F81C0F1
> for <stunnel-users at mirt.net>; Tue, 29 Apr 2008 12:12:00 +0200 (CEST)
>Received: from 194.203.201.98 (SquirrelMail authenticated user mtrojnar)
> by mike.mirt.net with HTTP; Tue, 29 Apr 2008 12:12:00 +0200 (CEST)
>Message-ID: <56899.194.203.201.98.1209463920.squirrel at mike.mirt.net>
>In-Reply-To: <76A8C8ED7C969549B61EA52B0D93103003C81670 at srv-bcexch01.tibco.fr>
>References: <76A8C8ED7C969549B61EA52B0D93103003C81670 at srv-bcexch01.tibco.fr>
>Date: Tue, 29 Apr 2008 12:12:00 +0200 (CEST)
>From: "Michal Trojnara" <Michal.Trojnara at mobi-com.net>
>To: stunnel-users at mirt.net
>User-Agent: SquirrelMail/1.4.9a
>MIME-Version: 1.0
>X-Priority: 3 (Normal)
>Importance: Normal
>X-Virus-Scanned: ClamAV using ClamSMTP
>Subject: Re: [stunnel-users] Verify=3 restart needed ?
>X-BeenThere: stunnel-users at mirt.net
>X-Mailman-Version: 2.1.9
>Precedence: list
>List-Id: "public, moderate-volume list - general discussion, problem reports,
> patches" <stunnel-users.mirt.net>
>List-Unsubscribe: <http://stunnel.mirt.net/mailman/listinfo/stunnel-users>,
> <mailto:stunnel-users-request at mirt.net?subject=unsubscribe>
>List-Archive: <http://stunnel.mirt.net/pipermail/stunnel-users>
>List-Post: <mailto:stunnel-users at mirt.net>
>List-Help: <mailto:stunnel-users-request at mirt.net?subject=help>
>List-Subscribe: <http://stunnel.mirt.net/mailman/listinfo/stunnel-users>,
> <mailto:stunnel-users-request at mirt.net?subject=subscribe>
>Content-Type: text/plain; charset="us-ascii"
>Content-Transfer-Encoding: 7bit
>Sender: stunnel-users-bounces at mirt.net
>Errors-To: stunnel-users-bounces at mirt.net
>X-Virus-Scanned: ClamAV using ClamSMTP
>
>Edouard Dessioux wrote:
>
>> I wanted to know if the stunnel needs to be restarted
>> after a certificates has been removed ?
>
>This is *not* the way X.509 was designed to perform certificate
>revocation. Use CRLs or OCSP instead.
>
>Also see:
>http://stunnel.mirt.net/pipermail/stunnel-users/2004-December/000192.html
>http://en.wikipedia.org/wiki/Certificate_revocation_list
>http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
>
>Best regards,
> Mike
>
>_______________________________________________
>stunnel-users mailing list
>stunnel-users at mirt.net
>http://stunnel.mirt.net/mailman/listinfo/stunnel-users
More information about the stunnel-users
mailing list