Thread: Telnet/SSL
View Single Post
  #7  
Old 05-13-2014, 10:16 AM
Saken Saken is offline
Registered User
 
Join Date: May 2014
Posts: 6
I apologize for the confusion and I am certainly not knowledgeable when it comes to TLS/SSL.

SecureCRT has an option to create a Telnet/SSL link to a device. I specify an IP address to the device I want to connect to and select connect. It tells me that the server needs a client certificate. I have two certificates, a .p12 and a .pfx.

Under, global options > ssh2 I select to pull from the CAPI (Personal store).

I install the .pfx, which was created using IIS 6.1, into my personal store and it still tells me that I need a client certificate.

I install the .p12, which someone gave me, into my personal store and I am able to SSL to the end device but I must disable certificate validation in order to do so (makes sense because I don't have their CA.cer).

You are right, if I turn mutual authentication off I can connect with no certificate loaded but I am pretty sure that is not the point of Telnet/SSL.

Again, I have very little knowledge on this particular subject but I cant believe turning mutual authentication off would be a fix. It seems like it would be a security violation.
Reply With Quote