Stunnel client configuration
stunnel has CAfile set to CA, which signed both server key and client key.verify = 2 at stunnel config should compare CA of the client to the ones it trusts.While trying to run python script I get: : Error 1 connecting to localhost:636.
Server goes to stunnel config, and client goes to python application: r = redis.Redis(host='localhost', ssl=True, port=636, db=0, ssl_certfile='client.crt', ssl_keyfile='client.key') The above procedure happens 2 times to generate server and client keypair. Then I am decrypting the key via openssl rsa Then I am generating signed certificate via openssl x509 -req with CA and CAkey pointing to ca.crt and ca.key Then I am generating csr via openssl req -new -key. Then I am generating key via openssl genrsa -des3 Create the chroot directory and give the user specified by the setuid option write access to it.
STUNNEL CLIENT CONFIGURATION FREE
Instead of 632, you can use any free port that you prefer. I generate all of the keys and certificates with openssl: # generate ca Similarly, to configure stunnel as a TLS wrapper for CUPS, use the following values: cups accept 632 connect 631.