I'm running my own IMAPS server but would like to get my tin-foil hat out and mandate client-side certificates.
I know that I'll have to set TLS_VERIFYPEER to REQUIREPEER
It's more the SSL stuff that I'm hazy on.
My server's got a self-signed certificate for SSL that's working just fine. I presume I'll have to refer to this with TLS_TRUSTCERTS?
Then I can generate some certificates for my clients and sign them with my server's certificate. Since the only certificate I trust is my own, only client certificates signed by mine will be trusted right?
Is there anything special I need to think about when generating my clients' certificates? I'll only (at least initially) be installing these into Thunderbird.
TIA
Craig.
p.s. Sorry if everyone thinks of this as OT (i.e. SSL and not courier).
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
