On 28/05/2020 19:08 patosec <[email protected]> wrote:
Hello again,
I did a lot of trial and error already, but I can't seem to find a wayto encrypt my dovecot director to dovceot mailbox traffic.Is there a way to configure dovecot director to only use ssl/tlsencrypted connections for specific tagged mailbox clusters? (or allclusters, in fact does not matter if it could be restricted to tags)Looks like there is also no documentation available for this sort ofconfiguration.
I tried setting my mailbox nodes to "ssl = require" butt after doing soI can't login through director proxy anymore.It always looks like ssl/tls termination is finally done on director side.
Anyone tried this already or has a running setup doing encryption fromlets say frontend to backend?
Thanks, greetingsPatrick
Add to your director passdb attributes, ssl=any-cert or starttls=any-cert. See https://doc.dovecot.org/configuration_manual/authentication/proxies/
--- Aki Tuomi
