[Dovecot] SSL Certifcates
Timo Sirainen
tss at iki.fi
Thu Aug 7 22:42:16 EEST 2008
On Aug 7, 2008, at 2:49 PM, Stephen Feyrer wrote:
> Hi anyone.
>
> Can dovecot be configured to authenticate user using only SSL
> Certificates only and not ask for a password.
>
> So far I've got it taking the username from the common name of the
> certificate but I like it to use the certificate in place of the
> password.
>
> Is this possible and how?
If you're that far, then you're already authenticating the user
against the certificate. Or assuming you have
ssl_require_client_cert=yes. Then just create a passdb that accepts
any password as valid for the user (nopassword=yes extra field).
In theory there's also this EXTERNAL SASL mechanism that could be used
to log in without user/pass, but Dovecot doesn't currrently support
that and I'm not aware of any clients supporting it either.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20080807/226e1d21/attachment.bin
More information about the dovecot
mailing list