Thank you for clarifying. I generated a new self-signed certificate and verify=4 works.
However, when I generate a non-self-signed certificate signed by a third party CA, "verify=4" gives me the same error as in my initial post. It still expects to find CA's certificate together with the server's certificate in CAfile. The description in manpage is:* level 4* Ignore CA chain and only verify peer certificate. Apparently the description is inaccurate.
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
