From c1c450c334bfc4071cb29e50a1fbc6b14ca63f18 Mon Sep 17 00:00:00 2001
From: vlaborie <vlaborie+gitit@evolix.fr>
Date: Sat, 13 May 2017 22:10:55 +0200
Subject: [PATCH] Initial sslauth doc

---
 HowtoSSLauth.md | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/HowtoSSLauth.md b/HowtoSSLauth.md
index 9560b637..231af94b 100644
--- a/HowtoSSLauth.md
+++ b/HowtoSSLauth.md
@@ -16,4 +16,29 @@ Ce que l'on sait moins, c'est que SSL/TLS permet aussi l'authentification des cl
 
 $ openssl version
 OpenSSL 1.0.2h  3 May 2016
-~~~
\ No newline at end of file
+~~~
+
+## Coté serveur
+
+### Apache
+
+~~~
+SSLCACertificateFile /etc/ssl/certs/CA.pem
+SSLVerifyDepth 1
+SSLVerifyClient require
+~~~
+
+### Nginx
+
+~~~
+ssl_client_certificate /etc/ssl/certs/CA.pem;
+ssl_verify_client require;
+~~~
+
+## Coté client
+
+### Curl
+
+~~~
+curl --cert ./client.crt --key ./client.key -u "user:pass" "https://example.com"  
+~~~