It is - that's just "belt and braces" stuff (also known as "defence in
depth" :-) )
My *real* issue (if I understand things correctly - which, there's a
significant chance that I don't) is telling dovecot which TLS
certificate to use to connect to the MariaDB back-end.
Mind you, that's *not* the same cert that the users use to connect to
dovecot :-)
On 25/1/25 22:07, Marc wrote:
I'm using a MariaDB backend to a Dovecot server, with TLS required by
the MariaDB server for connections.
My sql_dovecot.conf.ext file is using the following connection line:
`connect = host=mariadb.example.com dbname=mail_server user=vmail
password={REDACTED} ssl_ca=/etc/pki/tls/certs/root_ca.crt`.
I can't work out from the doco or Google what else I need in that line,
but I suspect it'll be something like:
`ssl_cert=/etc/pki/tls/certs/vmail_rsa.pem
ssl_key=/etc/pki/tls/certs/vmail_rsa.key`.
Could someone please confirm this and let me know the actual extra
commands/options - thanks
Why not add your CA to the OS default?
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
