Thank you for this valuable suggestion. Validation worked with JWK format. I feel the documentation should be updated with this information. Also, the "username_attribute" field in dovecot-oauth2.plain.conf.ext needs to be set for username validation.

My configuration:
File: dovecot-oauth2.plain.conf.ext

introspection_mode = local
use_grant_password = no
debug = yes
username_attribute = user_name
local_validation_key_dict = fs:posix:prefix=/etc/dovecot/keys/

Copy the .JWK public key to the folder /etc/dovecot/keys/default/RS256/default. If there is no azp element in the token body, then default is used, and there is no kid element in the token header.
Thanks, Mrinal
-----Original Message-----
From: Aki Tuomi <aki.tuomi@open-xchange.com>
Sent: Wednesday, September 16, 2020 2:15 AM
To: Mrinal Sharma <msharma@smithmicro.com>; dovecot@dovecot.org
Subject: Re: Cannot load key: Invalid dovecot key version
On 16/09/2020 06:38 Mrinal Sharma <msharma@smithmicro.com> wrote:
I am trying to use the newly added Local Validation functionality in dovecot version 2.3.11. I am running dovecot inside a Docker container with base image "debian:buster-slim". When I try to log in through the below command, a crash is seen. The algorithm used is RS256 and the certificate is self-signed.
In what format did you provide the validation key? I would recommend using JWK format.
Aki
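
Added example, not part of the original thread and not Dovecot code: a small Python helper that reads a token's header and body and reports which key file the layout described in the reply at the top (prefix, then azp or "default", then alg, then kid or "default") would point to. The function names, the sample token and the path-component check are assumptions made for this illustration; the signature is not verified.

```python
import base64
import json
from pathlib import Path

KEY_PREFIX = "/etc/dovecot/keys/"  # prefix from local_validation_key_dict in the post


def _b64url_json(segment: str) -> dict:
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def expected_key_path(token: str, prefix: str = KEY_PREFIX) -> Path:
    """Return <prefix>/<azp or default>/<alg>/<kid or default> for a JWT.

    Only reads the header and body; the signature is NOT verified here.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected three dot-separated parts")
    header, body = _b64url_json(parts[0]), _b64url_json(parts[1])
    alg = header.get("alg")
    if not alg or alg == "none":
        raise ValueError("token has no usable alg header")
    components = [body.get("azp", "default"), alg, header.get("kid", "default")]
    for comp in components:
        # This script's own safety check: never build a path from odd values.
        if not isinstance(comp, str) or "/" in comp or comp in ("", ".", ".."):
            raise ValueError(f"unsafe path component in token: {comp!r}")
    return Path(prefix).joinpath(*components)


def _make_token(header: dict, body: dict) -> str:
    """Build a constructed, unsigned sample token for the demo below."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc(header)}.{enc(body)}.c2ln"


if __name__ == "__main__":
    # Constructed sample: no kid in the header, no azp in the body.
    sample = _make_token({"alg": "RS256", "typ": "JWT"}, {"user_name": "user@example.com"})
    path = expected_key_path(sample)
    print(path, "(present)" if path.is_file() else "(missing)")
```

Run it against a real token from the identity provider to confirm the JWK file sits where the token's azp, alg and kid values lead.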