Hello,
I would like to set up certificate-based authentication with Dovecot: a user sends mail to Postfix, and Dovecot authentication is valid only if the certificate is trusted.
So, I enabled the parameter auth_ssl_require_client_cert in the Dovecot configuration, but it is not working. Here are the Postfix logs:
Aug 16 09:51:48 myserver dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth
Aug 16 09:51:48 myserver dovecot: auth: Debug: Module loaded: /usr/lib64/dovecot/auth/libauthdb_ldap.so
Aug 16 09:51:48 myserver dovecot: auth: Debug: auth client connected (pid=6922)
Aug 16 09:51:51 myserver dovecot: auth: Debug: client in: AUTH 1 PLAIN service=smtp nologin lip=127.0.0.1 rip=127.0.0.1 secured resp=xxx
Aug 16 09:51:51 myserver postfix/smtpd[6922]: warning: localhost.localdomain[127.0.0.1]: SASL PLAIN authentication failed: Client didn't present valid SSL certificate
Aug 16 09:51:51 myserver dovecot: auth: PLAIN(?,127.0.0.1): Client didn't present valid SSL certificate
Aug 16 09:51:51 myserver dovecot: auth: Debug: client out: FAIL 1 reason=Client didn't present valid SSL certificate
Aug 16 09:51:51 myserver dovecot: auth: Debug: client in: AUTH 2 LOGIN service=smtp nologin lip=127.0.0.1 rip=127.0.0.1 secured
Aug 16 09:51:51 myserver dovecot: auth: LOGIN(?,127.0.0.1): Client didn't present valid SSL certificate
Aug 16 09:51:51 myserver dovecot: auth: Debug: client out: FAIL 2 reason=Client didn't present valid SSL certificate
Aug 16 09:51:51 myserver postfix/smtpd[6922]: warning: localhost.localdomain[127.0.0.1]: SASL LOGIN authentication failed: Client didn't present valid SSL certificate
It seems Postfix doesn't send the client certificate to Dovecot. What do you think? What is wrong?
Below is some information about my configuration:
OS: RHEL5
Postfix: 2.7.3
Dovecot: 2.0.14
Dovecot config:
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_ssl_require_client_cert = yes
auth_ssl_username_from_cert = yes
auth_verbose = yes
mail_debug = yes
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
protocols = none
service auth {
  unix_listener /data/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  user = root
}
ssl = required
ssl_ca =
Thanks for your help
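
Added example (not part of the original post, and not Dovecot or Postfix code): a small Python audit of the auth debug lines quoted above, pairing each AUTH request with its reply and reporting which flags the auth client (here Postfix smtpd) actually sent. It relies on the Dovecot auth protocol using the flag `valid-client-cert` to say the remote user presented a valid certificate; the function name `audit_auth_log` and the sample text, built from the post's log lines, are assumptions of this example.

```python
import re

# Constructed sample: the request/reply debug lines from the post, one per line.
SAMPLE_LOG = """\
Aug 16 09:51:51 myserver dovecot: auth: Debug: client in: AUTH 1 PLAIN service=smtp nologin lip=127.0.0.1 rip=127.0.0.1 secured resp=xxx
Aug 16 09:51:51 myserver dovecot: auth: Debug: client out: FAIL 1 reason=Client didn't present valid SSL certificate
Aug 16 09:51:51 myserver dovecot: auth: Debug: client in: AUTH 2 LOGIN service=smtp nologin lip=127.0.0.1 rip=127.0.0.1 secured
Aug 16 09:51:51 myserver dovecot: auth: Debug: client out: FAIL 2 reason=Client didn't present valid SSL certificate
"""

AUTH_IN = re.compile(r"auth: Debug: client in: AUTH\s+(\d+)\s+(\S+)\s*(.*)$")
AUTH_OUT = re.compile(r"auth: Debug: client out: (OK|FAIL)\s+(\d+)\s*(.*)$")

def audit_auth_log(log_text):
    """Return one record per completed AUTH request found in auth_debug output."""
    pending, results = {}, []
    for line in log_text.splitlines():
        m = AUTH_IN.search(line)
        if m:
            req_id, mech, rest = m.groups()
            params = rest.split()  # fields are tab- or space-separated in logs
            flags = {p for p in params if "=" not in p}
            kv = dict(p.split("=", 1) for p in params if "=" in p)
            # Request ids are per auth-client connection; this keeps the latest.
            pending[req_id] = {
                "id": req_id, "mech": mech, "service": kv.get("service"),
                "secured": "secured" in flags,
                "valid_client_cert": "valid-client-cert" in flags,
                "cert_username": kv.get("cert_username"),
            }
            continue
        m = AUTH_OUT.search(line)
        if m and m.group(2) in pending:
            rec = pending.pop(m.group(2))
            reason = re.search(r"reason=([^\t]*)", m.group(3))
            rec["status"] = m.group(1)
            rec["reason"] = reason.group(1).strip() if reason else ""
            results.append(rec)
    return results

if __name__ == "__main__":
    for r in audit_auth_log(SAMPLE_LOG):
        print(f"AUTH {r['id']} {r['mech']} service={r['service']} "
              f"secured={r['secured']} valid-client-cert={r['valid_client_cert']} "
              f"-> {r['status']} {r['reason']}")
```

On the quoted lines, both requests carry `secured` but not `valid-client-cert`, which is the condition `auth_ssl_require_client_cert = yes` rejects.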