Thanks for sharing this! I think I may now have what I need to set up a system with multi-user shared keys that only work for a given set of users.

I do enjoy dual-PK-certificate authentication in my homelab: one by equipment, and one by user/group.

Only misgiving is that the key management issues have worsen only for the key administrator(s). But it is a viable and sustainable AA model because there is the most important security component: instant denial of a user and/or a equupment.

We must have knocked your site offline

Uptime remains uninterrupted.

Are you using the verboten Chrome and its inability to negotiate and defer to server absolut side of ChaCha20-Poly1305 with sha512? It refuses client-demanded Chrome-forced ChaCha/sha256, AES and then RSA.