[stunnel-users] External validation of client certificates

[Rene Bartsch]

Hi,

we're having a special use case and hope to find a solution in stunnel.

In our use case clients use self-signed X.509 certificates to 
authenticate with our TLS-server. We don't have a CA but a database with 
usernames (DN) and fingerprints of the client-certificates.

Is it possible with stunnel not to validate the client certificates 
against a CA but handover the Distinguished Name to an external 
application which returns the fingerprint to check the certificate 
against?

-- 
Best regards,

Rene Bartsch, B. Sc. Informatics



Current Bitcoin Exchange Rate: https://www.bitcoin.de/de/r/mwfngu