3 Feb
2013
3 Feb
'13
6:54 p.m.
Hello Javier,
On 02/02/13 22:40, Javier wrote:
Then, I can't help here. You'll need a separate app in the middle to allow only one username and password that could pass to the DB app if correct, as well as the rest of data traffic.
That's what we are working on : some small additions to stunnel, to (optionally) send some certificate-related data to the downlink application, and a protocol-aware relay downlink (in front of the real application). This relay will receive the certificate-related data and the stunnel-decrypted data flow, make its checks and let pass or drop everything.
Sincerely,
--
Pierre-Yves Bonnetain-Nesterenko
B&A Consultants - Sécurité informatique - www.ba-consultants.fr
Tel. : +33 (0) 563 277 241 - Fax : +33 (0) 567 737 829