Hi list, I've created a small CA hierarchy using OpenSSL with the following structure:
Root CA _____/ \_____ / \ Mail sub-CA Other sub-CA / \ / \ Server sub-CA Client sub-CA / \ / \ Server1 Server2 Client1 Client2 This is certainly over-engineered for my small setup, but I wanted to create a toolbox to create a full-fledged PKI... whatever. I use the following straightforward configuration: - On the server: % smtpd_tls_security_level = may % smtpd_tls_cert_file = Server.pem % smtpd_tls_key_file = Server.key % smtpd_tls_CAfile = Client_SubCA_chain.pem % smtpd_tls_ask_ccert = yes % smtpd_tls_loglevel = 1 - On the client: % smtp_tls_security_level = may % smtp_tls_cert_file = Client.pem % smtp_tls_key_file = Client.key % smtp_tls_CAfile = Server_SubCA_chain.pem % smtp_tls_loglevel = 1 It works. Postfix logs that the connection is "Trusted". Woohoo! However, I'm a little bit confused about the certificates accepted. I've swept through RFC 2459 and as I understand the fourth paragraph of section 6, the certification path validation must begin with a self-signed certificate. This mean that smtpd_tls_CAfile must contains all certificates from RootCA to Server sub-CA. Therefore if a client provides a certificate issued by the Mail sub-CA or the Root CA directly, it will work. What's the way to prevent this? Of course, as the owner of the PKI, I could ensure that such certificates would never be issued. But is there any technical mean to prevent this? By the way, I have the feeling this could be done using a server-side policy map similar to smtp_tls_policy_maps but there is certainly a good reason for this setting to not exist, though I don't see why. Thanks for your help. Regards, -- Jeremie Le Hen Humans are born free and equal. But some are more equal than others. -Coluche