Reviving an old thread: "requiring client certificates for external connections"

Robert Giles rgiles at arlut.utexas.edu
Thu Sep 3 18:25:41 UTC 2015


Hi folks - reviving an old thread from 2010:

http://www.dovecot.org/list/dovecot/2010-December/055837.html

We're basically looking to do the same thing:  require client 
certificates for external connections, while preserving certificate-less 
username/password authentication for internal connections.

Any tips on the best way to accomplish this?

'ssl_verify_client_cert = yes' can go within a local {} block, but it 
doesn't seem to force the client to submit a certificate.

Thanks in advance -

Robert Giles


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3835 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20150903/bdeb1701/attachment.p7s>


More information about the dovecot mailing list