Require certificate for external clients

Rick Romero rick at havokmon.com
Fri Feb 27 14:37:05 UTC 2015


Quoting Karol Babioch <karol at babioch.de>:

> Hi list,
>
> I'm currently looking into ways of making use of client certificates. I
> want to force external clients (i.e. anything outside the local subnet)
> to use client certificates. It is my understanding that this in itself
> can be achieved with the "ssl_require_client_cert" setting.
>
> However, I also want local clients (i.e. anything from a specific
> subnet) to be able to authenticate by the usual means (i.e.
> password-based).

How about a second front-end? One dovecot-proxy for external users that
requires certs, the other is the 'real' machine accessible directly only
for internal users.

Rick


More information about the dovecot mailing list