[stunnel-users] 1 server and more desktops
aaa aaa
miamia at inMail.sk
Mon Jun 8 18:28:38 CEST 2009
Hi Carter,
thank you. I am trying to use scenario with self-signed certificates
exactly like you are using it. Could you please write me some examples
of config for server and clients? I don't know where to put private
keys and how to set up server for acceptation of certificates from
clients only - server must reject all communication without/or with
other certificates as are stored in his folder.
thank you in advance
regards,
mia
> ---- Pôvodná správa ----
> Od koho: Carter Browne <cbrowne at cbcs-usa.com>
> Komu: aaa aaa <miamia at inMail.sk>
> Dátum: 8. 6. 2009 15:00:00
> Predmet: Re: [stunnel-users] 1 server and more desktops
>
> I do this using self-signed certificates and verify=2 or verify=3. The
> remote computers would only have the servers public certificate their
> CAfile (or CApath). The server must have all the remote computers
> public certificates in its CAfile or CApath. See the rules about how to
> build those. If you are only using self-signed certificates, you can
> use verify=3, otherwise you will have to use verify=2. Each port that
> you want to forward must be in you stunnel.conf file - without knowing
> what you are trying to do, it is hard to be more specific.
>
> Carter
>
> Carter Browne
> CBCS
> cbrowne at cbcs-usa.com
> 781-721-2890
>
>
>
> aaa aaa wrote:
> > hello Christophe,
> >
> > thanks for your answer. Sorry for any misunderstanding. Well, I just
> > wanted to ask if it is able to set stunnel for working with more
> > certificates? So it means that I don't want to have secured tunnel
> > between remote and local computer only but also between one remote and
> > many local computers with more certificates? Every local computer
> > should have own certificate.
> >
> > Is this possible?
> >
> > thank you.
> >
> > ---- Pôvodná správa ----
> > Od koho: Christophe Nanteuil <christophe.nanteuil at gmail.com>
> > Komu: aaa aaa <miamia at inmail.sk>
> > Dátum: 7. 6. 2009 16:27:00
> > Predmet: Re: [stunnel-users] 1 server and more desktops
> >
> > Hello,
> >
> > Stunnel is an application oriented tunnel, not a machine oriented
> > tunnel. Please, be more precise in your requests if you want someone
> > to be able to help you. It seems also that the stunnel documentation
> > pages are worh reading in your case.
> >
> > Regards,
> >
> > --
> > Christophe
> >
> >
> > 2009/6/7 aaa aaa <miamia at inmail.sk>:
> > > Hello,
> > >
> > > I have one server and 3 desktops (PC1,PC2,PC3). I need to do this:
> > every pc
> > > should communicate with server with his own certificate and server
> > should
> > > sends anwser back to the computer encrypted for this one pc only.
> > >
> > > Example: PC3 {with server's public key} sends data to server and
> server
> > > sends answer to PC3 (encrypted wiht unique PC3's public key).
> > > then PC2 {with server's public key} sends data to server and server
> > sends
> > > answer to PC2 (encrypted wiht unique PC2's public key). and so
> on... how
> > > should I configure stunnel for this?
> > >
> > > And another question > how should I configure all computers (server,
> > > pc1,pc2,pc3) to accept communication over secured stunnel only and
> > drop all
> > > other unsecured communication?
> > >
> > >
> > > thank you in advance.
> > > regards, Mia
> > > ----------
> > > Sutaz s InPage o ceny za viac ako 2000 Euro. Info na www.inpage.sk.
> > Domena,
> > > webhosting, e-mail a seo od 10 centov/denne.
> > >
> > > _______________________________________________
> > > stunnel-users mailing list
> > > stunnel-users at mirt.net
> > > http://stunnel.mirt.net/mailman/listinfo/stunnel-users
> > >
> > >
> > ----------
> > Sutaz s InPage o ceny za viac ako 2000 Euro. Info na www.inpage.sk
> > <http://www.inpage.sk/>. Domena, webhosting, e-mail a seo od 10
> > centov/denne.
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > stunnel-users mailing list
> > stunnel-users at mirt.net
> > http://stunnel.mirt.net/mailman/listinfo/stunnel-users
> >
> ----------
> Sutaz s InPage o ceny za viac ako 2000 Euro. Info na www.inpage.sk
> <http://www.inpage.sk/>. Domena, webhosting, e-mail a seo od 10
> centov/denne.
----------
Sutaz s InPage o ceny za viac ako 2000 Euro. Info na www.inpage.sk. Domena, webhosting, e-mail a seo od 10 centov/denne.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20090608/10603b2c/attachment.html>
More information about the stunnel-users
mailing list