feature ? authorizing only given certificates ?

Hello
My European organization is using a certificate chain which signs tens of thousands of user certificates. My local organization counts 300 users ... and I only want these 300 to get in the IT system. I'd like to know if there is a way to restrict the connection to a subset of certificates (for example based on a list of authorized emails which are written in the certificate).
Sincerely
Fred

On Wed, 10 Jul 2019 16:01:31 +0000 (UTC) "fmgre-dell@yahoo.fr" <fmgre-dell@yahoo.fr> wrote:
> Hello
> My European organization is using a certificate chain which signs tens of thousands of user certificates. My local organization counts 300 users ... and I only want these 300 to get in the IT system. I'd like to know if there is a way to restrict the connection to a subset of certificates (for example based on a list of authorized emails which are written in the certificate)
> Sincerely
> Fred
Hi, read the manual reference to checkEmail and other check options.
Regards.
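Added example (not part of any message in this thread, and not stunnel project code): a shell helper that turns an allow-list of email addresses into a stunnel service section using the `checkEmail` option named in the reply above, together with `verifyChain` and `CAfile`. The service name, ports, CA file path and sample addresses are assumptions.

```shell
#!/bin/sh
# Added example. Hypothetical: service name, ports, CA path, sample addresses.

# Read an allow-list on stdin, print one "checkEmail = ADDRESS" line per
# unique address. Blank lines and "#" comments are skipped. Any other line
# that is not a plain address is rejected, so a list entry such as
# "verifyChain = no" can never end up in the generated configuration.
emit_check_email() {
    sed -e 's/[[:space:]]*$//' -e 's/^[[:space:]]*//' |
    awk '
        /^$/ || /^#/ { next }
        !/^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]+$/ {
            printf "rejected allow-list line %d\n", NR > "/dev/stderr"
            bad = 1; next
        }
        !seen[$0]++ { print "checkEmail = " $0 }
        END { exit bad + 0 }
    '
}

# Print a complete service section for the allow-list file given as $1.
gen_service() {
    emails=$(emit_check_email < "$1") || return 1
    # stunnel applies no subject check when no checkEmail line is present,
    # which would admit every certificate the CA chain signed: fail closed.
    [ -n "$emails" ] || { echo "allow-list is empty" >&2; return 1; }
    cat <<EOF
[restricted-service]
accept = 8443
connect = 127.0.0.1:8080
; the organization-wide chain that signs all user certificates
CAfile = /etc/stunnel/org-ca-chain.pem
; the chain must verify first; checkEmail then narrows who is accepted
verifyChain = yes
$emails
EOF
}

# Constructed sample list: comment, duplicate, blank line, stray whitespace.
sample_list() {
    printf '%s\n' '# site users' 'alice@example.org' '' \
        '  bob@example.org  ' 'alice@example.org'
}

tmp=$(mktemp) && sample_list > "$tmp" && gen_service "$tmp"
rm -f "$tmp"
```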

Fred,
On 7/10/19 12:01, fmgre-dell@yahoo.fr wrote:
> Hello
> My European organization is using a certificate chain which signs tens of thousands of user certificates.
> My local organization counts 300 users ... and I only want these 300 to get in the IT system.
> I'd like to know if there is a way to restrict the connection to a subset of certificates (for example based on a list of authorized emails which are written in the certificate)
> Sincerely
> Fred
_______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users

Fred,
(Apologies for the previous empty email.)
On 7/10/19 12:01, fmgre-dell@yahoo.fr wrote:
> Hello
> My European organization is using a certificate chain which signs tens of thousands of user certificates.
> My local organization counts 300 users ... and I only want these 300 to get in the IT system.
> I'd like to know if there is a way to restrict the connection to a subset of certificates (for example based on a list of authorized emails which are written in the certificate)
Why not simply create a new CA certificate, sign those 300 you trust, and then trust the new CA?
-chris

Thank you for your answers (sorry for not knowing the checkEmail option in the man page :-( I'll try that for the 300 emails)
((I'm not keen on building a key management framework from scratch just for this use: the user will need the European certificate for some use and then a second one for other uses ... the certificate management is always considered as complicated by end users ...))
Thanks again
Fred
On Wednesday, 10 July 2019 at 18:01:31 UTC+2, fmgre-dell@yahoo.fr <fmgre-dell@yahoo.fr> wrote:
> Hello
> My European organization is using a certificate chain which signs tens of thousands of user certificates. My local organization counts 300 users ... and I only want these 300 to get in the IT system. I'd like to know if there is a way to restrict the connection to a subset of certificates (for example based on a list of authorized emails which are written in the certificate)
> Sincerely
> Fred
participants (3)
- Christopher Schultz
- fmgre-dell@yahoo.fr
- Javier