Am 29.06.2013 15:54, schrieb Charles Marcus:
>>> well, this is for dovecot 1.x, but have you tried it?
>>>
>>> Client certificate verification/authentication
>>> If you want to require clients to present a valid SSL certificate, you'll
>>> need these settings:
>>>
>>> ssl_ca_file = /etc/ssl/ca.pem
>>> ssl_verify_client_cert = yes
>>> auth default {
>>> ssl_require_client_cert = yes
>>> ..
>>> }
>
>> Thanks for your email. Yes, I looked before at that website before. I'm
>> using these options with Dovecot 2.1.8,
>> among others:
>>
>> auth_ssl_require_client_cert = yes
>> ssl_verify_client_cert = yes
>> ssl_ca = </etc/ssl/certs/cacertcrl.pem
>
> I'm not sure why Reindl pointed you to the 1.x docs when you are using 2.x...because it is a good start-point and i do not need the feature and in this case it should be enough that i start to google for others at all however, if you would have followed this thread you would have realized that the OP demaned technical impossible things like "uhm openssl should reject the connction without cert before running any dovecot code"
signature.asc
Description: OpenPGP digital signature
