[stunnel-users] Distinguished Name (DN) is a cleartext network communication?
Michael Renner
michael.renner at gmx.de
Wed Jan 7 20:19:30 CET 2009
Moin,
I am confused. Trying to use the DN as a kind of password replacement I saw
that the DN goes unencrypted through the network, while the traffic itself is
encrypted of cause. Analysing the network packages with wireshark I get this:
100104083828Z0..1.0...U....DE1.0...U....Germany1.0
..U....Munich1.0...U.
..vbox4php1.0...U....stunnel1.0...U....mars.mtr.mynet1$0"..*.H..
.....michael.renner at gmx.de0.."0
This is, more or less, the content of the DN. Is there a chance to encrypt
this?
My setup should work, no matter if a client certificate exists or not (also
independent of the DN's content) . But the appliation behind stunnel (started
by stunnel using the 'exec' statement) may behave dependent on the DN!
Any chance?
Thanks
--
|Michael Renner E-mail: michael.renner at gmx.de |
|D-81541 Munich Germany ICQ: #112280325 |
|Germany Don't drink as root! ESC:wq
More information about the stunnel-users
mailing list