Mark Bolton <mbolton at boltz.co.uk> wrote: > Is there anyway we can use stunnel to help us guard against this > 'stolen cert' situation or if not what else could we do? Sure. CRLs are designed exactly for this purpose. http://en.wikipedia.org/wiki/Certificate_revocation_list Best regards, Mike