[stunnel-users] X509 certificate info extract and use

Pierre-Yves Bonnetain py.bonnetain at ba-consultants.fr
Sun Feb 3 19:54:06 CET 2013


Hello Javier,

On 02/02/13 22:40, Javier wrote:
> Then, I can't help here. You'll need a separate app in the middle 
> to allow only one username and password that could pass to the DB 
> app if correct, as well as the rest of data traffic.

That's what we are working on : some small additions to stunnel, to
(optionally) send some certificate-related data to the downlink
application, and a protocol-aware relay downlink (in front of the real
application). This relay will receive the certificate-related data and
the stunnel-decrypted data flow, make its checks and let pass or drop
everything.

Sincerely,
-- 
Pierre-Yves Bonnetain-Nesterenko
B&A Consultants - Sécurité informatique - www.ba-consultants.fr
Tel. : +33 (0) 563 277 241 - Fax : +33 (0) 567 737 829



More information about the stunnel-users mailing list