Verifying the client certificate is only half the issue. The other half is deciding whether or not the holder of the cert is authorized to access the service and with what user name(s).
This requires more than simply checking to see if the client cert can be validated by a CA Root cert. > > Have many options, SSLTelnet for example. > But maybe more easy is use stunnel, this too works fine for this case > (verify client certs). > > regards, > > ./nelson -murilo > > > > Hi all ssl-ers. > > =20 > > Questions. > > =20 > > Anybody knows how to configure telnetd-ssl for authenticate by client = > > certificate ? > > =20 > > Anybody knows the handshake process flow on this case ? > > =20 > > When telnetd-ssl has to verify certs of telnet-ssl (client) where does = > > it searchs CA cert and key ?=20 > > =20 > > Anybody have a problem to understand the configuration of telnetd-ssl ? = > > On Debian linux ? S:-( > > =20 > > Zanx. > > =20 > > Manuel Guerrero Martos > > IN3 S.A.L. > > C/ Prim, 16 A - Bajo > > 12003 Castell=F3n > > 964723680 > > [EMAIL PROTECTED] > > www.in3.es > > =20 > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!! The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP http://www.kermit-project.org/ Secured with MIT Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
