[Dovecot] Client certificate verification/authentication

Timo Sirainen tss at iki.fi
Mon Jun 4 15:36:48 EEST 2007


On Mon, 2007-06-04 at 11:39 +0200, eizert wrote:
> Timo Sirainen a écrit :
> > On Tue, 2007-05-29 at 12:06 +0200, eizert wrote:
> >   
> >> Not in Dovecot...
> >> In my log, i've simply :
> >> dovecot: auth(default):  Client didn't present valid SSL certificate
> >>     
> >
> > Set verbose_ssl=yes and it should log more. It should then log either
> > "Invalid certificate" or "Valid certificate". If it logged neither, then
> > your client didn't send a certificate at all.
> >
> >   
> I've set this option.
> 
> I've create certificate signed trusted and set CA and create CRL. I have 
> put CRL in the CA certificate by cat ca-crl.pem >> ca.crt.pem
> Also my MUA use CRL with https://myhostname/crl.der
> 
> But i've simply this information in my log : Client didn't present valid 
> SSL certificate

Then I'd say the client didn't present any certificate at all to
Dovecot. Are you sure the client even supports sending the certificate?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070604/2be1fd34/attachment-0001.bin 


More information about the dovecot mailing list