What you really want is the "AUTH EXTERNAL" authentication mechanism. This would authenticate your users based on the used certificate. Unfortunately, this mechanism is not supported in dovecot as well as in most clients. Courier supports it since some months if you really need it.
There's no way in dovecot to use no password, but there's one to use any password: Your password database has to return the field "nopassword", value
- But you should consider that this means that your users can impersonate any other user on your mailserver as the SSL certificate here only controls access, but not identity.
-----Original Message----- From: dovecot-bounces+siebert+lists=et.rub.de@dovecot.org [mailto:dovecot-bounces+siebert+lists=et.rub.de@dovecot.org] On Behalf Of Anthony Davies Sent: Thursday, December 18, 2008 12:27 AM To: dovecot@dovecot.org Subject: [Dovecot] SSL Certificate Authentication
Hi Guys,
I am using the SSL Client Certificate authentication method for my Dovecot instance, however rather then just requiring the client certificate it also prompts me for my user password.
My certificate was securely generated on a smart card and is passphrase protected so I would like to stop having to enter my certificate passphrase and my user password to collect my mail. Where abouts in the config file can I resolve this issue?
Cheers,
Tony Davies