1 title Cockpit Certificate Authentication
\r
3 Browser -> cockpit-ws: TLS handshake\nwith client cert
\r
5 cockpit-ws -> cockpit-session: auth mode "tls-cert"
\r
7 cockpit-session -> libpam-cockpit-cert: start PAM session
\r
8 note left of libpam-cockpit-cert: no user known yet
\r
10 libpam-cockpit-cert -> cockpit-ws: query certificate
\r
11 libpam-cockpit-cert -> sssd: map certificate
\r
12 sssd -> libpam-cockpit-cert: user name\n(or failure)
\r
13 libpam-cockpit-cert -> cockpit-session: set PAM user name,\nstart session
\r
14 note left of cockpit-session: start cockpit-bridge
\r
15 cockpit-session -> cockpit-ws: success
\r