Hi, I have a running mail server with postfix, which implements TLS support and SASL for authentication. I'm looking forward how to authenticate a smtp client thanks to his own certificate (eg i would like to create a self signed certificate for my thunderbird agent and rely on this certificate to authenticate myself to my smtp ). Furthermore, I would like to add this security measure to the one i already have on my server, ie with login/password. What i did til now is : - adding to the main.conf : smtpd_tls_ask_ccert=yes smtpd_use_tls=yes relay_clientcerts=hash:/etc/postfix/relay_clientcerts and i add "permit_tls_client_cert" to the smtpd_recipient_restriction. - creating a file /etc/postfix/relay_clientcerts.db (if i do note put the extension .db at the end i got in my log "/etc/postfix/relay_clientcerts.db: no such file or directory"... ) which contains the md5 hash and a domain name (ex: 00:8B:02:30:9D:18:F4:81:5D:2F:48:E4:5B:17:82:A7 client_1.my.domain)
I got in the log : /etc/postfix/relay_clientcerts.db: Inappropriate file type or format. I don't know why, maybe you have a clue for me ? Thanks a lot.
