[Dovecot] imaps, certificate and authentification

Timo Sirainen tss at iki.fi
Mon Dec 6 19:01:05 EET 2004


On 6.12.2004, at 18:41, jean-Noël Chardron wrote:

> In dovecot .conf I can enable (or disable) the différent port (pop, 
> pops, imap, imaps) and may be restrict the access to the serveur with 
> the ip adresse.
> Can I configure dovecot in imaps so it permit the access if the 
> certificate is knowing by the server?
> Actually, this is the process to authenticate in WU-imap on imaps : 
> the client connect to the server through a tunnel SSL (stunnel) and 
> only if stunnel know the certificate, then the client can connect.

It's possible, but only in 1.0-tests:

ssl_verify_client_cert = yes
ssl_require_client_cert = yes

Are you already using it? I don't think most clients support it at all.

> and more, Is it possible when the client (with a certificate) connect 
> to the serveur with imaps to authenticate the user without prompting 
> the password, so the authentication is throught the certificate ?

Not yet, but I somehow doubt many clients would work with it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20041206/2c7e0f37/attachment-0001.bin>


More information about the dovecot mailing list