Thelounge: Support for client TLS certificate auth (CertFP)

Created on 24 Jun 2016 · 5Comments · Source: thelounge/thelounge

1st Request: I have a ZNC server that is setup to allow me to authenticate via SSL certificate. Is there any way that we could setup The Lounge to do this on my behalf? This would also work out for servers that allow identification via CertFP.

2nd Request: Would it be possible to allow authentication to the client app via certificate? I'm hosting it on my server and have users enabled but would like to be able to use SSL certificates when available to me (like at home or at work) for authentication.

If only one could be implemented though I would much prefer the first request since it has a wider effect for end users.

Thanks for your consideration.

Feature Security help wanted

Source

shinji257

👍2 ❤1

Most helpful comment

Had some mildly related chat in #ircv3, and I think we can automatically generate a client certificate for each network.

And we would probably need to provide a button to re-generate the certificate in network edit window.

The main thing that would need figuring out is actually generating a certificate in node.js (especially without having to rely on openssl). And then would need to update irc-framework to allow passing through the client certificate.

EDIT: Pushed some code to generate a client cert: https://github.com/thelounge/thelounge/commit/d18e0fad6a832d870db3a4b126b2bceb6675e36e

xPaw on 8 Feb 2020

❤1 👍1

All 5 comments

As mentioned in #865 duplicate, we have so much on our plate right now, there is no way this ends up being a priority before a long while, unless someone wants to take a stab at it.