Timo Sirainen a écrit :
On Tue, 2007-05-29 at 12:06 +0200, eizert wrote:
Not in Dovecot...
In my log, i've simply :
dovecot: auth(default): Client didn't present valid SSL certificate
Set verbose_ssl=yes and it should log more. It should then log either
"Invalid certificate" or "Valid certificate". If it logged neither, then
your client didn't send a certificate at all.
I've set this option.
I've create certificate signed trusted and set CA and create CRL. I have
put CRL in the CA certificate by cat ca-crl.pem >> ca.crt.pem
Also my MUA use CRL with https://myhostname/crl.der
But i've simply this information in my log : Client didn't present valid
SSL certificate
Very hard to debug.
When if i turn off ssl_verify_client_cert and ssl_require_client_cert
(but only ss_require_client_cert posed a problem) I think that
ss_verify_client_cert it's
simply X509 verify but i'm not sure, i don't read the source...
I try to compile dovecot with no CRLs usage for test it.
