[stunnel-users] External validation of client certificates

Rene Bartsch ml at bartschnet.de
Fri Nov 14 15:07:06 CET 2014


we're having a special use case and hope to find a solution in stunnel.

In our use case clients use self-signed X.509 certificates to 
authenticate with our TLS-server. We don't have a CA but a database with 
usernames (DN) and fingerprints of the client-certificates.

Is it possible with stunnel not to validate the client certificates 
against a CA but handover the Distinguished Name to an external 
application which returns the fingerprint to check the certificate 

Best regards,

Rene Bartsch, B. Sc. Informatics

Current Bitcoin Exchange Rate: https://www.bitcoin.de/de/r/mwfngu

More information about the stunnel-users mailing list