[stunnel-users] Verify = 3 and Giganews
Thomas Eifert
kxkvi at wi.rr.com
Fri Jan 13 23:01:57 CET 2012
Michal:
Thanks for taking the time to answer a question about a non-stunnel
issue.
I saw the verify=4 in the manual, but was unsure about whether or
not it validated against the locally installed certificate. I updated my
stunnel.conf, and am no longer having any issues.
Thanks again; you are one of the unsung heroes.
Thomas
On 1/13/2012 11:17 AM, Michal Trojnara wrote:
> Thomas Eifert wrote:
>> 2012.01.12 14:05:01 LOG4[292:3840]: CERT: Verification error: unable
>> to get local issuer certificate
>
> Unfortunately sending root CA certificate within the chain is optional.
> This is why root CA certificate didn't make it to your peer-nntps3.pem.
>
> The good news is that in recent versions of stunnel I implemented a
> solution for it:
>
>> verify = 3
>
> Replace it with "verify = 4". This option only checks the peer
> certificate, and ignores all other certificates in the chain.
>
> Mike
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>
More information about the stunnel-users
mailing list