Next: Restricted CAs, Previous: Certificate trust management, Up: tofuproxy
If you want to use TLS client certificates, then place them to
-ccerts directory. If server requests for the certificate, then
dialogue window will be shown with the subjects of known client
certificates. You can close that window to omit certificate sending
once. NONE
(n
hotkey) will remember that decision for long.
To list currently saved host and certificate associations:
$ cat fifos/list-tls-auth example.com CN=client.example.com gemini.example.com NONE
To delete one of them:
$ echo example.com >fifos/del-tls-auth
To preadd:
$ echo example.com path/to/client.cert.pem >fifos/add-tls-auth