Re: [stunnel-users] Is there a way to specify certificate content in stunnel config

Tue, 24 Jul 2018 03:32:32 -0700 

Hi Eric,
I run my application with stunnel in the client mode (client = yes in config 
file) . I do not have control on the stunnel running in server mode though. 
If i understand your mail correctly, the hack is to copy the certs to any local 
directory that should be accessible and then delete the same after the 
connection is established? I dont have problems maintaining the pem files if i 
can access the file system to create them, but i am exploring an option, which 
i couldnt figure out from the stunnel documentation, if i can specify the certs 
inside the configuration file for stunnel itself rather than feeding them 
through a file. I have an environment where the certificates and keys are 
available as strings to my applications and hence the idea is to use them 
directly in stunnel config rather than as a file.
Thanks
Hari 

    On Tuesday, July 24, 2018, 4:20:32 AM GMT+5:30, Eric S Eberhard 
<[email protected]> wrote:  
 
 
Use stunnel in inetd mode.  Execute a script (or better C program).  Copy the 
certificates for making the stunnel connection to a directory that is OK … then 
delete them immediately after stunnel starts.  Hack – but might be OK for what 
you are doing.

  

I am not sure why anyone would think it more secure to put the keys into the 
stunnel command than to just use them from a file … but I likely do not know 
enough about your application to make a judgement.

  

Eric

  

  

Eric S Eberhard

VICS (Vertical Integrated Computer Systems)

Voice: 928 567 3529

Cell    : 928 301 7537  (not reliable except for text or if not home)

2933 W Middle Verde Rd

Camp Verde, AZ  86322

  

From: stunnel-users [mailto:[email protected]] On Behalf Of Hari
Sent: Thursday, July 19, 2018 4:42 AM
To: [email protected]
Subject: [stunnel-users] Is there a way to specify certificate content in 
stunnel config

  

Hi,

  

I have a requirement where in i cannot specify the certificate and/or private 
key details as "files" to stunnel configuration, owing to the location and/or 
file system availability for stunnel to access them.

  

Is there a way to specify the actual certificate content in stunnel 
configuration (similar to other parameters like port numbers etc.,) so that the 
same can be leveraged.

  

Thanks

Hari

  

| 

 | 
Virus-free. www.avg.com 
 |


  
  
_______________________________________________
stunnel-users mailing list
[email protected]
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users

Reply via email to