diff options
| author | Přemysl Eric Janouch <p@janouch.name> | 2021-05-29 06:38:33 +0200 |
|---|---|---|
| committer | Přemysl Eric Janouch <p@janouch.name> | 2021-05-29 06:38:33 +0200 |
| commit | c75ef167f21c398856706468ca3917f9b64cef32 (patch) | |
| tree | 2b7a643f38d7e1d06f7838748a631406b9281745 | |
| parent | ddffc71abe49a6d9f87b005e0814cb71a2ae8d54 (diff) | |
| download | xK-c75ef167f21c398856706468ca3917f9b64cef32.tar.gz xK-c75ef167f21c398856706468ca3917f9b64cef32.tar.xz xK-c75ef167f21c398856706468ca3917f9b64cef32.zip | |
degesch: document the SASL EXTERNAL support
So far it's only been mentioned in the NEWS file,
which is definitely not sufficient.
It would be good to move this kind of stuff out from README.adoc.
| -rw-r--r-- | README.adoc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/README.adoc b/README.adoc index 550fda9..f4200e5 100644 --- a/README.adoc +++ b/README.adoc @@ -125,6 +125,10 @@ as a `forking` type systemd user service. Client Certificates ------------------- +'degesch' will use the SASL EXTERNAL method to authenticate using the TLS +client certificate specified by the respective server's `tls_cert` option +if you add `sasl` to the `capabilities` option and the server supports this. + 'kike' uses SHA-1 fingerprints of TLS client certificates to authenticate users. To get the fingerprint from a certificate file in the required form, use: |