Certificates: Difference between revisions

From Bondix Wiki
(draft)
 
No edit summary
Line 1: Line 1:
SANE allows the use of certificates for authentication, both for server and client.  
SANE allows the use of certificates for authentication, both for server and client.  


= Client Certificate Authentication =
= Client Certificate based Authentication =
 
''When certificate based client authentication is used, it is not required to explicitly create a tunnel configuration on the server.''
== Server Setup ==
== Server Setup ==
* create server certs (./ssl/create-server-certs.sh)
* create server certs (./ssl/create-server-certs.sh)

Revision as of 01:31, 26 June 2021

SANE allows the use of certificates for authentication, both for server and client.

Client Certificate based Authentication

When certificate based client authentication is used, it is not required to explicitly create a tunnel configuration on the server.

Server Setup

  • create server certs (./ssl/create-server-certs.sh)
  • create signed client cert (./ssl/create-client-cert.sh <tunnelname>)
  • set root certificate in saneserver-config

Client Setup

  • load cert&key pair


Server Certificate Authentication

Server Setup

  • set/create ssl cert

Client Setup

  • load public root key from server
Retrieved from "https://wiki.bondix.dev/index.php?title=Certificates&oldid=29"