Ars Technica

SSTP VPN with client machine certificate authentication

We've got a Windows SSTP VPN Server setup, where our domain clients authenticate with their AD credentials. Problem: It's possible to connect from any machine to our VPN. We'd like to change the ...
Network World

SSLVPN Vulnerabilities – Client Certificates offer a superior defense over OTP devices

Blackhat ’08 disclosed several SSLVPN and DNS vulnerabilities that caused several people to sit up and take notice. Some of these new exploits performed a brilliant Man-in-the-Middle attack on SSLVPN ...
Ars Technica

SFTP using certificate authentication

If you want x509 support, you'll have to look at a commercial version of SSH. And, at that point, you would need to use a sftp/scp client built to follow their login process if they require an x509 ...