[stunnel-users] The verify=3 option in client mode

Michal Trojnara Michal.Trojnara at mirt.net
Sat Jan 15 20:50:02 CET 2011


  Philipp Hartwig wrote:
> My understanding is that stunnel will now exclusively accept the  
> server
> certificate stored in the imaps.pem file rendering all MITM attacks
> impossible.
>
> I'd be grateful if someone could confirm that this setup makes  
> sense. Is
> this the way the verify=3 option is supposed to use?

Yes, this is exactly the way "verify = 3" is supposed to be used.

Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20110115/ee7a42e2/attachment.sig>


More information about the stunnel-users mailing list