12-15-2011
Update CRL in stunnel?
Hi,
Does anyone know if there is a way to update CRLs in stunnel, without restarting stunnel? If I copy a new CRL to my CRLPath, it is only used for services (from config file) that hasn't been used yet. Services that has been used at least once does not care about new CRLs...
4 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
am tring to start stunnel version 4.05 that come standard with Suse
Enterprise 9 CD.
I intend to start stunnel as a daemon, I have generate and self signed
the certificate using openssl with openssl version 0.9.7d but stunnel
will not start up instead I received the following error message
... (1 Reply)
Discussion started by: hassan1
1 Replies
2. SCO
Hi there
I have compiled a binary of stunnel for SCO Openserver 5.0.7
At the moment the binary is in /u/testroom/sbin/stunnel
as root I cd to /u/testroom/sbin and start the stunnel daemon up with ./stunnel
The stunnel log shows when users successfully connect or disconnect, so... (1 Reply)
Discussion started by: The_Librarian
1 Replies
3. UNIX for Advanced & Expert Users
OS: Sun Solaris 10 (5.10)
Stunnel has been installed but when I try to run it, I get a directory permission error. Not sure what it means by 'Not owner' even though that's plain English.
I have changed the chroot to a directory (var/tmp) that I'm sure all users have access to so not sure... (0 Replies)
Discussion started by: neapolitan
0 Replies
4. UNIX for Advanced & Expert Users
HI
I'm trying to install stunnel as(or in) non-root user.
there are these options setuid and setgid in stunnel.conf ,that by default are "nobody". but u can change them to "user" .. to enable stunnel in non root mode
I tried doing it but no luck.
Please drop in your valuable suggestions
... (2 Replies)
Discussion started by: leghorn
2 Replies
LEARN ABOUT CENTOS
cms_get1_crls
CMS_add0_cert(3) OpenSSL CMS_add0_cert(3)
NAME
CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_get1_crls, - CMS certificate and CRL utility functions
SYNOPSIS
#include <openssl/cms.h>
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
DESCRIPTION
CMS_add0_cert() and CMS_add1_cert() add certificate cert to cms. must be of type signed data or enveloped data.
CMS_get1_certs() returns all certificates in cms.
CMS_add0_crl() and CMS_add1_crl() add CRL crl to cms. CMS_get1_crls() returns any CRLs in cms.
NOTES
The CMS_ContentInfo structure cms must be of type signed data or enveloped data or an error will be returned.
For signed data certificates and CRLs are added to the certificates and crls fields of SignedData structure. For enveloped data they are
added to OriginatorInfo.
As the 0 implies CMS_add0_cert() adds cert internally to cms and it must not be freed up after the call as opposed to CMS_add1_cert() where
cert must be freed up.
The same certificate or CRL must not be added to the same cms structure more than once.
RETURN VALUES
CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return 1 for success and 0 for failure.
CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs or NULL if there are none or an error occurs. The only error
which will occur in practice is if the cms type is invalid.
SEE ALSO
ERR_get_error(3), CMS_sign(3), CMS_encrypt(3)
HISTORY
CMS_add0_cert(), CMS_add1_cert(), CMS_get1_certs(), CMS_add0_crl() and CMS_get1_crls() were all first added to OpenSSL 0.9.8
1.0.1e 2013-02-11 CMS_add0_cert(3)