On Fri, 2015-07-03 11:33:40 +0200, Giona Il Profeta wrote: > Hi all, > > I have inherited an old stunnel installation, configured for mutual > authentication (verify=3) and I'm trying to figure out some of the choices > of the old sysadmin. > > One of the client certificates in the CApath directory has its private key > encrypted with a password. > > Is the client supposed to provide the password to decrypt the key when it > connects?
Which CApath? If it's the one on the client box: Yes, the client is supposed to enter the password when stunnel is started. If it's the one on the server box: The peer's private key is not used by stunnel, so no, there is no need for the password. HTH Ludolf -- Ludolf Holzheid Bihl+Wiedemann GmbH Floßwörthstraße 41 68199 Mannheim, Germany Tel: +49 621 33996-0 Fax: +49 621 3392239 mailto:[email protected] http://www.bihl-wiedemann.de Sitz der Gesellschaft: Mannheim Geschäftsführer: Jochen Bihl, Bernhard Wiedemann Amtsgericht Mannheim, HRB 5796 _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
