0

I am using stunnel to authenticate RDP (Remote Desktop) and I need to verify that a client possesses the proper credentials. So people cannot brute force into the machine. I am also using a bad (outdated) version of RDP that has security vulnerabilities, so stunnel is a must.

I will preshare the necessary .pem's between machines.

What are the openssl commands I need to create the right .pem files on both the client and on the server? What files need to be shared?

larsks
  • 41,276
  • 13
  • 117
  • 170
unixman83
  • 1,912
  • 8
  • 25
  • 33

2 Answers2

1

A lot of your questions are answered by the stunnel FAQ.

There is also a special page on client certificates.

Christian
  • 4,645
  • 2
  • 23
  • 27
  • these docs are poorly written / not well explained. It is difficult for me to follow. – unixman83 Jan 13 '11 at 23:00
  • as you accepted an answer, it seems you now have your solution. Perhaps you can enhance the stunnel documentation at the points where you had problems. This might help some other people getting the same problems. – Christian Jan 14 '11 at 07:08
1

In addition to the documentation on the stunnel site that @Christian pointed at, there's lot of information out there about using openssl to generate certificates. A google search for openssl certificate authority will get you links to a variety of useful tutorials and examples.

larsks
  • 41,276
  • 13
  • 117
  • 170