On Sat, 2010-12-25 at 11:38 +0000, Bojan Smojver wrote:
Frank Crawford <frank <at> crawford.emu.id.au> writes:
I'm trying to configure my dovecot installation to require client certificates for external/Internet connections, while still allowing my local network to not need certificates.
Exactly the same problem here on exactly the same platform (F-14), although I used a slightly different config directives (local <remoteIP>).
I already answered Bojan privately, here's for Frank & others too:
This is more of a missing feature than a bug.. Combined with not being very obvious that it won't work.. I'll try to figure out what to do about it, but the problem anyway is that auth settings aren't currently supported inside local/remote {} blocks, and ssl_require_client_cert is an auth setting (but ssl_verify_client_cert is handled by login process, so that works).
I'll either implement local/remote blocks to work with auth settings, or make it fail with an error that it won't work.