mirror of
https://github.com/vimagick/dockerfiles.git
synced 2024-12-23 01:39:27 +02:00
allow verify certificate chain in client mode (optional)
* `verifyChain` allows stunnel to verify the remote certificate chain. the default is still no, so it should keep backwards compatibility. * `CAfile` points to a file that should exist on Alpine and includes the root certificates. It has no effect unless `verifyChain` is set to yes.
This commit is contained in:
parent
39546fe58f
commit
079fdc9300
@ -10,6 +10,8 @@ socket = l:TCP_NODELAY=1
|
|||||||
socket = r:TCP_NODELAY=1
|
socket = r:TCP_NODELAY=1
|
||||||
cert = /etc/stunnel/stunnel.pem
|
cert = /etc/stunnel/stunnel.pem
|
||||||
client = ${CLIENT:-no}
|
client = ${CLIENT:-no}
|
||||||
|
verifyChain = ${VERIFY_CHAIN:-no}
|
||||||
|
CAfile = /etc/ssl/cert.pem
|
||||||
|
|
||||||
[${SERVICE}]
|
[${SERVICE}]
|
||||||
accept = ${ACCEPT}
|
accept = ${ACCEPT}
|
||||||
|
Loading…
Reference in New Issue
Block a user