[stunnel-users] Individual user certs for each person who uses Windows PC
Jason.Haar at trimble.co.nz
Mon Sep 6 05:35:35 CEST 2010
On 09/01/2010 09:02 PM, Michal Trojnara wrote:
> I think this request should rather be addressed to the OpenSSL team.
> AFAIK Windows Certificate Store was specifically designed to prevent
> non-Microsoft SSL implementations from using it directly, i.e. without
> manual key export.
You should look again - lots of non-M$ products use this API. e.g
openvpn for Windows allows you to use the personal cert that other M$
components like MSIE uses - see " cryptoapicert"
Load the certificate and private key from the Windows
cate System Store (Windows Only).
Use this option instead of --cert and --key.
This makes it possible to use any smart card, supported
dows, but also any kind of certificate, residing in
Store, where you have access to the private key. This
has been tested with a couple of different smart cards
Cryptoflex, and Swedish Post Office eID) on the client
also an imported PKCS12 software certificate on the server
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the stunnel-users