[stunnel-users] password protected key in client certificate
Ludolf Holzheid
lholzheid at bihl-wiedemann.de
Fri Jul 3 13:12:00 CEST 2015
On Fri, 2015-07-03 11:33:40 +0200, Giona Il Profeta wrote:
> Hi all,
>
> I have inherited an old stunnel installation, configured for mutual
> authentication (verify=3) and I'm trying to figure out some of the choices
> of the old sysadmin.
>
> One of the client certificates in the CApath directory has its private key
> encrypted with a password.
>
> Is the client supposed to provide the password to decrypt the key when it
> connects?
Which CApath?
If it's the one on the client box: Yes, the client is supposed to
enter the password when stunnel is started.
If it's the one on the server box: The peer's private key is not used
by stunnel, so no, there is no need for the password.
HTH
Ludolf
--
Ludolf Holzheid
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:lholzheid at bihl-wiedemann.de
http://www.bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796
More information about the stunnel-users
mailing list