How to require client SSL certificate, except for local connections

Evan Martin dovecot-ml at realityexists.net
Fri Oct 6 19:11:36 EEST 2017


Is there any way to make Dovecot 2.2.22 not require a client SSL 
certificate for a local IMAP connection, but require it for any remote 
IMAP connection?

My server is configured to require client certificates:

ssl = required
...
auth_ssl_require_client_cert = yes

I tried adding the following to create an exception for localhost:

remote 127.0.0.1 {
   ssl = no
   auth_ssl_require_client_cert = no
   disable_plaintext_auth = no
}

But Dovecot fails to start with: doveconf: Fatal: Error in configuration 
file /etc/dovecot/dovecot.conf line 81: Auth settings not supported 
inside local/remote blocks:

Is there any other way to do this? I don't need to override any other 
auth settings, just that one. I could probably use a Unix socket, if 
that would help.

Thanks,

Evan


