simple bind + X.509 client certificate?
Heiko Schlittermann
hs at schlittermann.de
Fri Feb 5 16:13:12 UTC 2016
Hi,
using dovecot 2.2.9. The LDAP server requests a client certificate from
dovecot. This client certificate will not be used for authentication,
but anyway, the server requests it. No SASL is involved.
ldapsearch and Exim work as expected, sending the client cert.
The slapd is configured:
olcTLSVerifyClient: demand
For authentication simple bind should be used.
Dovecot doesn't seem to send the requested client certificate.
If I sniff the connection, the "Certificate" sent to the server is
empty. Using ldapsearch it works (and the certificate isn't empty).
Any suggestions?
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20160205/1637a1da/attachment.sig>
More information about the dovecot
mailing list