On 8/23/2011 6:42 AM, Alano Conraz wrote:
>     Create the .db file with postmap.
>     postmap hash:relay_clientcerts
> 
> 
> thanks for the hint!
> I did it and it almost worked. Almost, because the smtp server asked
> me for a certificate, but i can still send messages with my MUA with
> no certificate  (or with a non-registered certificate). 
> Which option should i change ? 
> I thought it was relay_clientcerts, i tried
> smtpd_client_restrictions too (i don't want to remove the option
> permit_sasl_authentication, i just add check_ccert_access
> hash:/etc/postfix/relay_clientcerts). 
> 
> Thanks.
> 
> 

List the authorized certificate fingerprints in relay_clientcerts,
and everywhere you have permit_mynetworks ADD permit_tls_clientcerts.

If that's not working as expected, you'll need to show your config
and what is happening.  Please see
http://www.postfix.org/DEBUG_README.html#mail



  -- Noel Jones

Reply via email to