Now that I've read a bunch of articles and have seen a pile of examples of how pairs of a certificate and a private key can be created I must say they all suggest different approaches and techniques to creating certificates and ultimately bewildered me. Could anyone please explain as simply as possible, in layman's terms what exactly must be done? Let's talk about simple scenario with two hosts (A & B) involved, both running stunnel. Let us assume host A is the server and host B is the client. cert = CAfile = must be created. And we use verify level 3 (verify = 3) So, what exactly do we do now? And what happens in the dialog between these two machines? -- Ivan Lezhnjov Jr. Europe, Ukraine, Simferopol Running Source Mage GNU/Linux, kernel version 2.6.24 build #5 +----------------------------------------------------------------------+ Key ID 0x5811D90C Key Fingerprint 2A52 5C8C 38BE C04F D8DE A169 19E2 E49A 5811 D90C Use GPG Exercise Your Right To Privacy