"Rainer Gerhards" <[EMAIL PROTECTED]> writes:

> Hi,
>
> I am implementing an upcoming IETF standard ( syslog over TLS,
> http://www.ietf.org/internet-drafts/draft-ietf-syslog-transport-tls-12.txt
> ). As part of that standard, clients and server need to do mutual
> authentication, which can either happen via subject names OR via
> fingerprints of the certificates.
>
> I would like to do the mutual authentication as part of the handshake,
> so that the handshake does not complete successfully if the server can
> not successfully authenticate the client or the client not
> successfully authenticate the server. Is this possible with GnuTLS? If
> so, could you give me a clue on what I need to provide to get it
> working.
>
> Any feedback is deeply appreciated.

If I understand correctly, you want to implement TLS client
authentication, i.e. when the client also uses a key+certificate.

Are you working on the client or server side, or both? In any case,
check the gnutls examples, there should be examples for this.

/Simon
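
The fingerprint variant of the check asked about above, as an added example that is not part of the original thread or of the GnuTLS example programs. It assumes GnuTLS 2.10 or later (for `gnutls_certificate_set_verify_function`); the names `fp_trusted`, `verify_peer`, `require_known_peer` and the `HAVE_GNUTLS` build switch are hypothetical, and the allow-list value is constructed.

```c
#include <stddef.h>
#ifdef HAVE_GNUTLS              /* GnuTLS glue: cc -DHAVE_GNUTLS file.c -lgnutls */
#include <gnutls/gnutls.h>
#endif
#define FP_LEN 20               /* SHA-1 digest size in bytes */

/* Constructed sample allow-list; put your peers' real fingerprints here. */
const unsigned char allowed_fps[][FP_LEN] = {
    { 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,
      0xAA,0xBB,0xCC,0xDD,0xEE,0xFF,0x00,0x11,0x22,0x33 },
};
const size_t allowed_count = sizeof allowed_fps / sizeof allowed_fps[0];

/* Returns 1 if fp (len bytes) equals an allow-list entry, else 0.
 * Every entry is compared in full, without an early exit. */
int fp_trusted(const unsigned char *fp, size_t len)
{
    int ok = 0;
    if (fp == NULL || len != FP_LEN) return 0;
    for (size_t i = 0; i < allowed_count; i++) {
        unsigned char diff = 0;
        for (size_t j = 0; j < FP_LEN; j++) diff |= fp[j] ^ allowed_fps[i][j];
        ok |= (diff == 0);
    }
    return ok;
}

#ifdef HAVE_GNUTLS
/* Runs inside the handshake; a non-zero return makes GnuTLS abort it. */
static int verify_peer(gnutls_session_t session)
{
    unsigned int n = 0;
    unsigned char fp[64];
    size_t len = sizeof fp;
    const gnutls_datum_t *chain = gnutls_certificate_get_peers(session, &n);
    if (chain == NULL || n == 0)                 /* peer sent no certificate */
        return GNUTLS_E_CERTIFICATE_ERROR;
    if (gnutls_fingerprint(GNUTLS_DIG_SHA1, &chain[0], fp, &len) < 0)
        return GNUTLS_E_CERTIFICATE_ERROR;
    return fp_trusted(fp, len) ? 0 : GNUTLS_E_CERTIFICATE_ERROR;
}

/* Server side: demand a client certificate and vet it with verify_peer(). */
void require_known_peer(gnutls_certificate_credentials_t cred, gnutls_session_t s)
{
    gnutls_certificate_set_verify_function(cred, verify_peer);
    gnutls_certificate_server_set_request(s, GNUTLS_CERT_REQUIRE);
}
#endif
```

A client can install the same callback on its own credentials to check the server's certificate, which gives the mutual check; call `require_known_peer` before `gnutls_handshake`.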
