Bernd Wurst writes:
Hello,I'm struggling with the question if it is possible to authenticate clients (optionally) with a client certificate. I found some docs about dovecot implementing this [1] and was wondering if courier (SMTP) could also be used with this? I could not find something about it in the docs. The desired use would be that we operate a local CA and issue certificates that contain a user name (e-mail-address) as common name and courier authenticates this certificate as the given user, so that logging and processing will continue have the sender's data. [1]: "Client certificate verification/authentication", half way down at https://wiki.dovecot.org/SSL/DovecotConfiguration
http://www.courier-mta.org/install.html#sslcertAlso described further in the esmtpd-ssl configuration file, under TLS_EXTERNAL.
For this to work, the certificate subject needs to specify whatever would be used for the login ID when authenticating manually.
pgpi8XcrDFBKM.pgp
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
