You can't do this in the current implementation of TLS -- a "password" that is checked per-session is an application-layer issue, not a protocol-layer issue. It's handled on webservers by having them require Basic authentication even after a successful SSL/TLS handshake (possibly including client certificate), and then it's re-sent on every connection that requires that realm.

-Kyle H

On 4/2/06, michael Dorrian <[EMAIL PROTECTED]> wrote:
> I am not talking about the pem pass phrase here. I want a last line of
> authentication from the client. I want the server to have a list of common
> names of clients it trusts. With these client names also a client password
> will be stored on the server side. At runtime the server asks for this
> password before the ssl connection can be opened. Also the user name is got
> from the client certificate's common name. How is this usually done and is
> there a function that does this?

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
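
The application-layer check described in this thread, as an added example that is not part of the original messages or of OpenSSL: after the handshake has verified the client certificate, the server takes the user name from the certificate's common name and checks a Basic-auth password against a server-side list. The store contents, names and PBKDF2 parameters are constructed assumptions; `peercert` is the dict form returned by Python's `ssl.SSLSocket.getpeercert()`.

```python
import base64
import hashlib
import hmac

def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

# Constructed sample store: trusted CN -> (salt, PBKDF2 hash of the password).
_SALT = b"constructed-salt"
TRUSTED = {"client1.example": (_SALT, _kdf("s3cret-sample", _SALT))}
_DUMMY = (_SALT, _kdf("no-such-client", _SALT))  # unknown CNs take the same code path

def common_name(peercert):
    """CN from the dict returned by ssl.SSLSocket.getpeercert()."""
    for rdn in peercert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def parse_basic(header):
    """(user, password) from an Authorization header value, else None."""
    try:
        scheme, _, blob = header.partition(" ")
        if scheme.lower() != "basic":
            return None
        decoded = base64.b64decode(blob.strip(), validate=True).decode("utf-8")
    except (AttributeError, ValueError):
        return None
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None

def authorize(peercert, auth_header):
    """Application-layer check, run after the handshake verified the cert chain."""
    cn = common_name(peercert or {})
    creds = parse_basic(auth_header)
    if cn is None or creds is None:
        return False
    user, password = creds
    salt, expected = TRUSTED.get(cn, _DUMMY)
    ok = hmac.compare_digest(_kdf(password, salt), expected)
    # The Basic-auth user must be the certificate's CN, and the CN must be listed.
    return ok and cn in TRUSTED and user == cn
```

Because Basic credentials are re-sent on each request in the realm, `authorize` would be called per request, not once per TLS session.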