[Dovecot] disbale to responded to an unrequested SSL Certificate

Steffen Kaiser skdovecot at smail.inf.fh-brs.de
Thu Oct 2 17:59:24 EEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 30 Sep 2008, Andre Hübner wrote:

I may sound like a total ox, but I wonder if the client _requests_ a 
certificate at all? Till now I thought that the client starts the TLS 
handshake and the server responses with a certificate, if approrpiate for 
the cipher both had agreed on. The server has no way to know which 
symbolic name the client originally used when resolving into an IP.

So, to run several Dovecot instances, each configured with one certificate 
matching the symbolic name of the interface, sounds pretty straight 
forward to me.

Bye,

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFI5OHOVJMDrex4hCIRAkHoAJ4w9NhOXYjKHV1qRWVN0iInH6T+dwCfbkdj
9QYTPIgcapxuNpHLz/Kd3ok=
=+2EI
-----END PGP SIGNATURE-----


More information about the dovecot mailing list