Auth-policy: auth_policy_server_url and https support
Aki Tuomi
aki.tuomi at dovecot.fi
Sun Jan 8 18:02:26 UTC 2017
> On January 6, 2017 at 11:03 PM gregc at olypensupport.com wrote:
>
>
> When using Auth policy server it doesn’t currently doesn’t support https.
>
> In version 2.2.27:
> Policy server HTTP error: 9002 Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
>
> and in version 2.3.devel
> Policy server HTTP error: 9002 Requested https connection, but no SSL settings given
>
> dovecot.conf does have “ssl_client_ca_dir = /etc/ssl/certs” set.
>
> Looking around the source, http-client-settings are not given the ssl_ca_dir or ssl_ca_file setting from the config.
>
> Admittedly SSL tear up/down is little expensive per auth, but I think it maybe it should still work?
I suppose so, and it should not do SSL tear up/down per auth, hopefully, since it reuses the same HTTP connections for 10 seconds.
Aki
More information about the dovecot
mailing list