[Dovecot] Client certificate verification/authentication
Timo Sirainen
tss at iki.fi
Mon Jun 4 15:36:48 EEST 2007
On Mon, 2007-06-04 at 11:39 +0200, eizert wrote:
> Timo Sirainen a écrit :
> > On Tue, 2007-05-29 at 12:06 +0200, eizert wrote:
> >
> >> Not in Dovecot...
> >> In my log, i've simply :
> >> dovecot: auth(default): Client didn't present valid SSL certificate
> >>
> >
> > Set verbose_ssl=yes and it should log more. It should then log either
> > "Invalid certificate" or "Valid certificate". If it logged neither, then
> > your client didn't send a certificate at all.
> >
> >
> I've set this option.
>
> I've create certificate signed trusted and set CA and create CRL. I have
> put CRL in the CA certificate by cat ca-crl.pem >> ca.crt.pem
> Also my MUA use CRL with https://myhostname/crl.der
>
> But i've simply this information in my log : Client didn't present valid
> SSL certificate
Then I'd say the client didn't present any certificate at all to
Dovecot. Are you sure the client even supports sending the certificate?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070604/2be1fd34/attachment-0001.bin
More information about the dovecot
mailing list