#/usr/local/ssl/bin/openssl req -new -x509 -days 3650 -nodes -out stunnel.pem -keyout stunnel.pem -config stunnel.cnf #/usr/local/ssl/bin/openssl x509 -subject -dates -fingerprint -noout -in stunnel.pem # create RSA certs - Server #RANDFILE = stunnel.rnd [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type [ req_dn ] countryName = Country Name (2 letter code) countryName_default = US countryName_min = 2 countryName_max = 2 stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default = localityName = Locality Name (eg, city) localityName_default = 0.organizationName = Organization Name (eg, company) 0.organizationName_default = organizationalUnitName = Organizational Unit Name (eg, section) #organizationalUnitName_default = 0.commonName = Common Name (FQDN of your server) 0.commonName_value = [ cert_type ] nsCertType = server