The concept of "client certificate" is baked into the modern web.
I guess you're saying VM doesn't support this natively?
On 6/15/25 01:05, Rob van der Heij wrote:
It is obviously possible to exchange a certificate once the SSL connection
is ready, as part of some home-grown protocol. Your client would need hold
that signed certificate and present it to the server. You might be able to
reuse some logic from GETSHOPZ where we do digital signature verification.
The client would have their signed credentials on file, but it's not
something like a password that could be used for other authentication. The
server side would not need to validate a password but only decode the
certificate that you signed.
Rob
On Sun, Jun 15, 2025, 01:49 Donald Russell <[email protected]> wrote:
Thanks Jack,
No, I don’t want any sort of api/gateway/proxy thing. I was just asking if
some sort of certificate sign-in was practical.
On Sat, Jun 14, 2025 at 10:31 Jack Woehr <[email protected]> wrote:
On 6/14/25 08:02, Donald Russell wrote:
If I have a (z)cms pipe application using tcplisten, how can I make
sure
the in/outgoing traffic is encrypted?
Can you put the connection behind some kind of API gateway?
Jack Woehr # “A learning experience is one of those things
IBM Champion 2021-2025 # that says, 'You know that thing you just did?
http://www.softwoehr.com # Don't do that.'” ― Douglas Adams
--
Jack Woehr # “A learning experience is one of those things
IBM Champion 2021-2025 # that says, 'You know that thing you just did?
http://www.softwoehr.com # Don't do that.'” ― Douglas Adams
