We have just finished with the implementation of mutual (two-way) TLS connections (#5883) for secured FTP and WebDAV (HTTPS) connections. When a server requests a client certificate for authentication, a prompt is displayed to choose a certificate with a private key that matches the given issuer name requested from the server. Matching certificates are searched for in the Keychain on OS X or the Windows Certificate Manager respectively.
To configure your server for mutual TLS authentication, refer to corresponding documentation.
- Apache HTTPD Client Authentication and Access Control
- ProFTPD TLS Client Authentication
- The configuration options validate_cert, ca_certs_file in vsftpd
- Mutual SSL authentication should also work with OpenStack Keystone deployment using PKI deployments.