Am 28.06.2013 23:31, schrieb Ireneusz Szcześniak: > I've been using Dovecot 2.1.8 on OpenBSD 5.2 i386 for about a month. It works > great. Dovecot serves IMAPS only, > and I'm using Thunderbird to access my mail. > > I configured Dovecot to allow clients that present a valid certificate when > establishing SSL connection. I > configure my Thunderbird for SSL/TLS connection with normal password. It > works fine. > > However, with my config anybody can connect to my server without presenting a > certificate
google "dovecot ssl client certificate" leads to http://wiki.dovecot.org/SSL/DovecotConfiguration well, this is for dovecot 1.x, but have you tried it? Client certificate verification/authentication If you want to require clients to present a valid SSL certificate, you'll need these settings: ssl_ca_file = /etc/ssl/ca.pem ssl_verify_client_cert = yes auth default { ssl_require_client_cert = yes .. }
signature.asc
Description: OpenPGP digital signature
