how to setup dovecot to accept client certificates signed with a private CA when the server certificate is signed by a public CA

8 Aug 2022


      Hi everyone,
I'm trying to setup dovecot to accept only client certificates created
with a private CA:
auth_ssl_require_client_cert = yes
ssl_verify_client_cert = yes
ssl_ca = 
At the same time, dovecot is setup with an SSL certificate created by
a public CA (let's encrypt):
ssl = required
ssl_cert = 
When I try to connect to the server with a client (evolution), I get a
connection error:
"Client did not present valid SSL certificate" except that it is valid.
As you probably already know, let's encrypt does not create client certificates.
It seems that using a different CA for client certificates and for the
server certificate is unsupported.
Am I missing something?
Jean-Christophe

how to setup dovecot to accept client certificates signed with a private CA when the server certificate is signed by a public CA

jean-christophe manciot

Am I missing something?