On Wed, 2015-01-07 10:11:39 -0500, Leon Smith wrote: > Actually, that may be it, thank you. I definitely overlooked this > option when I browsed the man page. I'll pass on this information to some > interested parties and give them a chance to make it work. And I'll > probably try this myself at some point soon. > > (Incidentally, it's an HTTP client that doesn't support HTTPS, even though > the server does, so it appears I'll need protocol=connect and CAfile=... > for certificate pinning as well.)
I don't know your setup, but if there is no proxy involved, you don't need the 'protocol=...' option. For certificate pinning, you'll certainly need 'CAfile=...' or 'CApath=...', and 'verify=LEVEL' with LEVEL not below 2. HTH, Ludolf -- Bihl+Wiedemann GmbH Floßwörthstraße 41 68199 Mannheim, Germany Tel: +49 621 33996-0 Fax: +49 621 3392239 mailto:[email protected] http://www.bihl-wiedemann.de Sitz der Gesellschaft: Mannheim Geschäftsführer: Jochen Bihl, Bernhard Wiedemann Amtsgericht Mannheim, HRB 5796 _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
