Thank you for this valuable suggestion. Validation worked with JWK format. I feel the documentation should be updated with this information. Also, the "username_attribute" field in dovecot-oauth2.plain.conf.ext needs to be set for username validation.

My configuration:

File: dovecot-oauth2.plain.conf.ext

introspection_mode = local
use_grant_password = no
debug = yes
username_attribute = user_name
local_validation_key_dict = fs:posix:prefix=/etc/dovecot/keys/

Copy .JWK public key to folder /etc/dovecot/keys/default/RS256/default
if there is no azp element in token body, then default is used and there is no kid element in token header.

Thanks,
Mrinal

-----Original Message-----
From: Aki Tuomi <[email protected]>
Sent: Wednesday, September 16, 2020 2:15 AM
To: Mrinal Sharma <[email protected]>; [email protected]
Subject: Re: Cannot load key: Invalid dovecot key version

CAUTION - EXTERNAL EMAIL
This email originated from outside of Smith Micro Software. Do not click links or open attachments unless you recognize the sender and know the content is safe.

> On 16/09/2020 06:38 Mrinal Sharma <[email protected]> wrote:
>
>
> I am trying to use a newly added Local Validation functionality in dovecot
> version 2.3.11. I am running dovecot inside a Docker container with base
> image "debian:buster-slim". When I try to log in through the below command, a
> crash is seen. Algorithm used is RS256 and certificate is self-signed.
>

In what format did you provide the validation key? I would recommend using JWK format.

Aki
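
Added example, not part of the original thread and not Dovecot's own code: a small Python helper that parses a JWT without verifying it and reports where the key would be expected under the prefix from the configuration above, plus a check of whether a key file is JWK or PEM. It assumes azp and kid, when present, are used unchanged as path components; the function names and the sample tokens are constructed for illustration.

```python
import base64
import json
from pathlib import PurePosixPath

KEY_PREFIX = "/etc/dovecot/keys/"  # prefix from local_validation_key_dict above


def _b64url_json(segment: str) -> dict:
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def expected_key_path(token: str, prefix: str = KEY_PREFIX) -> str:
    """Return <prefix>/<azp or default>/<alg>/<kid or default>; no verification."""
    header_b64, payload_b64, _signature = token.split(".")
    header = _b64url_json(header_b64)
    payload = _b64url_json(payload_b64)
    parts = [payload.get("azp", "default"), header["alg"], header.get("kid", "default")]
    for part in parts:
        # This helper's own precaution: the values come from an unverified token.
        if not isinstance(part, str) or not part or "/" in part or part in (".", ".."):
            raise ValueError(f"unsafe path component: {part!r}")
    return str(PurePosixPath(prefix, *parts))


def key_file_format(data: str) -> str:
    """Classify key file content as 'jwk', 'pem' or 'unknown'."""
    text = data.strip()
    if text.startswith("-----BEGIN "):
        return "pem"
    try:
        obj = json.loads(text)
    except ValueError:
        return "unknown"
    return "jwk" if isinstance(obj, dict) and "kty" in obj else "unknown"


def make_sample_token(header: dict, payload: dict) -> str:
    """Build a constructed, unsigned sample token (placeholder signature)."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc(header)}.{enc(payload)}.c2ln"
```
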
