The stunnel 3.8 used to read the locally installed certificates from /usr/share/ssl/certs/trusted. A new versions stunnel-3.10-2 and stunnel-3.11-2 do not do this any more Can this functionality be put back? ---- 3.8-4---- [root@localhost /root]# rpm -q stunnel stunnel-3.8-4 [root@localhost /root]# strings /usr/sbin/stunnel |grep /usr/shar /usr/share/ssl/certs/stunnel.pem /usr/share/ssl/certs/trusted default: /usr/share/ssl/certs/stunnel.pem for server mode, default: /usr/share/ssl/certs/trusted /usr/share/ssl/localCA/cacert.pem ---- 3.10-2 and 3.11-2 ----------- rpm -q stunnel stunnel-3.10-2 [root@host99 /tmp]# strings /usr/sbin/stunnel |grep /usr/shar /usr/share/ssl/certs /usr/share/ssl/cert.pem /usr/share/ssl/cert.pem rpm -q stunnel stunnel-3.11-2 [root@host99 /tmp]# strings /usr/sbin/stunnel |grep /usr/shar /usr/share/ssl/certs /usr/share/ssl/cert.pem /usr/share/ssl/cert.pem ----------
stunnel-3.20-1 and later will be built with ---with-cert-dir=/usr/share/ssl/trusted, which should restore this behavior. In the meantime, invoking stunnel with the additional flag "-a /usr/share/ssl/trusted" should work as well. Thanks!