[Dovecot] Authentication by certificats (a bug or my misconfiguration)
HenkJan Wolthuis
hj.wolthuis at kaw.nl
Tue Jul 11 12:10:47 EEST 2006
Hi Alexander,
>
> Thanks for the quick reply; rearranging the certs didn't seem to do
> much for the setup; I guess I'm getting one thing wrong, which was the
> cause for my followup. How can I make dovecot only rely on cert and no
> furhter authentication for giving access to the user, when making
> dovecot lift the user ID from the client cert?
Hmm, i don't think that's the reason for the "invalid certificate"
error. Another question: are the clientcertificates and the
servercertificate signed by the same CA?
In case you want the ssl-verify error in the logfiles:
in src/logincommon/ssl-proxy-openssl.c, line 607
change:
i_info("Invalid certificate: %s", buf);
to:
i_info("Invalid certificate: %s: %s,
X509_verify_cert_error_string(ctx->error) ,buf);
should help, (tested on beta8) (don't forget to recompile, install,
restart ;-))
success!
--
groeten,
HenkJan Wolthuis
More information about the dovecot
mailing list