Reviving an old thread: "requiring client certificates for external connections"

Robert Giles rgiles at
Thu Sep 3 18:25:41 UTC 2015

Hi folks - reviving an old thread from 2010:

We're basically looking to do the same thing:  require client 
certificates for external connections, while preserving certificate-less 
username/password authentication for internal connections.

Any tips on the best way to accomplish this?

'ssl_verify_client_cert = yes' can go within a local {} block, but it 
doesn't seem to force the client to submit a certificate.

Thanks in advance -

Robert Giles

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3835 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the dovecot mailing list