История изменений
Исправление
sanyock,
(текущая версия)
:
Наверно вот это:
https://www.stunnel.org/auth.html
[pinning client]
client = yes
accept = 127.0.0.1:<src_port>
connect = <server_host>:<server_port>
verifyPeer = yes
CAfile = peer-certificate.pem
The peer-certificate.pem file needs to contain the server certificate.
оно предотвратит MITM, например, до gmail IMAP?
если удастся хотя бы раз получить правильный серт
Исправление
sanyock,
:
Наверно вот это:
https://www.stunnel.org/auth.html
[pinning client]
client = yes
accept = 127.0.0.1:<src_port>
connect = <server_host>:<server_port>
verifyPeer = yes
CAfile = peer-certificate.pem
The peer-certificate.pem file needs to contain the server certificate.
оно предотвратит MITM, например, до gmail IMAP?
Исправление
sanyock,
:
https://www.stunnel.org/auth.html
[pinning client]
client = yes
accept = 127.0.0.1:<src_port>
connect = <server_host>:<server_port>
verifyPeer = yes
CAfile = peer-certificate.pem
The peer-certificate.pem file needs to contain the server certificate.
Исходная версия
sanyock,
:
https://www.stunnel.org/auth.html
[pinning client]
client = yes
accept = 127.0.0.1:<src_port>
connect = <server_host>:<server_port>
verifyPeer = yes
CAfile = peer-certificate.pem
The peer-certificate.pem file needs to contain the server certificate.