Am 29.06.2013 15:54, schrieb Charles Marcus:
well, this is for dovecot 1.x, but have you tried it?
Client certificate verification/authentication If you want to require clients to present a valid SSL certificate, you'll need these settings:
ssl_ca_file = /etc/ssl/ca.pem ssl_verify_client_cert = yes auth default { ssl_require_client_cert = yes .. }
Thanks for your email. Yes, I looked before at that website before. I'm using these options with Dovecot 2.1.8, among others:
auth_ssl_require_client_cert = yes ssl_verify_client_cert = yes ssl_ca = </etc/ssl/certs/cacertcrl.pem
I'm not sure why Reindl pointed you to the 1.x docs when you are using 2.x...
because it is a good start-point and i do not need the feature and in this case it should be enough that i start to google for others at all
however, if you would have followed this thread you would have realized that the OP demaned technical impossible things like "uhm openssl should reject the connction without cert before running any dovecot code"