is it possible with mozilla to present a client certificate to a simap server? I'm using stunnel to do imap over ssl and want mozilla to authenticate with a certificate.
Mozilla won't present a certificate if the server doesn't explicitly require it. So, the configuration has to be done on the server's side.
For stunnel, just use the "-v 3" option.
Currently, I use the following arguments to stunnel (3.22) to do this
/usr/sbin/stunnel -l /usr/sbin/imapd \ -p /usr/share/ssl/certs/imapd.pem \ -a /usr/share/ssl/trusted -v 3 -S 0 \ -A /etc/httpd/conf/ssl.crt/ca-bundle.crt
The /usr/share/ssl/trusted is a directory containing the list of certificates (in PEM format) of the users authorized to access to the IMAP server. If their certificate is present in this directory, the access is granted. Otherwise, the access is forbidden. This means that you have to update each certificate in this directory every time it is renewed.
Note that the users will have to type a login and password anyway.
Hope this helped.
Roland.
-- Roland Dirlewanger CNRS - Delegation Aquitaine et Poitou-Charentes Esplanade des Arts et Metiers 33402 TALENCE CEDEX
Mel : [EMAIL PROTECTED], Tel : 05.57.35.58.52, Fax : 05.57.35.58.01
