I would like to be able to use a trusted certificate on Stunnel proxy, The default one does not seem to allow me to do this. Is there a way to do this please? Would need to be free.
Asked
Active
Viewed 1,919 times
1 Answers
1
In your stunnel config file, use either CAfile or CApath and point it to your certificate. If you're doing client authentication, make sure you're on the latest version of stunnel and set engine = capi and engineID = capi.
Wesley
- 32,320
- 9
- 80
- 116
-
thanks, There is no option for this. [https] accept = 8443 connect = 8090 cert = stunnel.pem – radar Jul 26 '18 at 04:01
-
I'm not sure what you mean that there isn't an option for that. You have to add it to the config file. What version of stunnel for Windows are you running? – Wesley Jul 26 '18 at 04:52
-
I am running the latest one on Windows, 2nd July 2018. Where do I put it on the config file? – radar Jul 26 '18 at 04:59
-
Here's an example Windows stunnel config: https://www.stunnel.org/config_windows.html You put `engine = capi` in the global portion, you put `engineID = capi` in each section that needs the CAPI engine. (This is for client auth stuff). Otherwise, `CAfile` and `CApath` also go in the global config portion of the file. – Wesley Jul 26 '18 at 05:15
-
thanks heaps, Can I use a .crt file from Lets encrypt? – radar Jul 26 '18 at 05:17
-
Probably - no reason why it wouldn't. You'll probably have to use `openssl` or something similar to convert it to a x.509 file to something more preferable to Windows. – Wesley Jul 26 '18 at 05:25