How to use an intermediate certificate with Stunnel

The following has been tested with Stunnel4 on Debian and Ubuntu.

To use an intermediate certificate with Stunnel you can simply combine the key, SSL certificate and intermediate certificate into a single file. Important is that you use the right order (key, certificate, intermediate certifcate) or it won’t work.

cat certificate.key certificate.pem intermediate.pem > stunnel.pem

Then specify the file in your stunnel config file, e.g. /etc/stunnel/stunnel.conf.

cert = /etc/stunnel/stunnel.pem

You do not need to add a key or CAfile value to your configuration file. You can check at http://certlogik.com/sslchecker/ if your certificate is working properly.