You can't do this in the current implementation of TLS -- a "password"
that is checked per-session is an application-layer issue, not a
protocol-layer issue. It's handled on webservers by either having
them require Basic authentication even after a successful SSL/TLS
handshake (possibly including

I am not talking about the PEM pass phrase here. I want a last line of authentication from the client. I want the server to have a list of common names of clients it trusts. With these client names also a client password will be stored on the server side. At runtime the server asks for this passwor
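
The application-layer check discussed above (a per-client password verified after the TLS handshake, keyed on the client certificate's common name), as an added example that is not code from either poster. The store layout, function names, iteration count and sample certificate are assumptions; the server is assumed to require and verify client certificates (`ssl.CERT_REQUIRED`), so that `getpeercert()` returns a validated subject.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000            # PBKDF2-HMAC-SHA256 work factor (assumed value)
_DUMMY_SALT = os.urandom(16)    # used when the CN is unknown, to keep timing uniform


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def enroll(store: dict, cn: str, password: str) -> None:
    """Record a trusted client CN with a salted hash; the password itself is never stored."""
    salt = os.urandom(16)
    store[cn] = (salt, _derive(password, salt))


def common_name(peercert: dict):
    """Return the single subject CN from ssl.SSLSocket.getpeercert(), else None."""
    names = [value
             for rdn in peercert.get("subject", ())
             for key, value in rdn
             if key == "commonName"]
    # A subject with zero or several CNs is ambiguous, so it is rejected.
    return names[0] if len(names) == 1 else None


def verify_client(store: dict, peercert, password: str) -> bool:
    """Run after the handshake: the CN must be listed and the password must match."""
    # getpeercert() gives None or {} when no validated certificate was presented.
    cn = common_name(peercert or {})
    salt, expected = store.get(cn, (_DUMMY_SALT, None))
    candidate = _derive(password, salt)   # always hash, so unknown CNs cost the same
    return expected is not None and hmac.compare_digest(candidate, expected)


# Constructed sample in the shape getpeercert() returns for a verified client.
SAMPLE_CERT = {"subject": ((("countryName", "DE"),),
                           (("commonName", "client-a.example"),))}
```
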