Displaying 3 results from an estimated 3 matches for "client_certificate_verification".
2019 Jun 16
2
Self-signed TLS client certificates
...for client TLS certificates. I have
a self-signed certificate whose private key resides on a smartcard
(Yubikey, to be exact). I wanted Dovecot to accept that TLS client
certificate instead of a password. So I searched and found this wiki
page: <https://wiki2.dovecot.org/SSL/DovecotConfiguration#Client_certificate_verification.2Fauthentication>
But that Wiki page says:
> The CA file should contain the certificate(s) followed by the matching
> CRL(s). Note that the CRLs are required to exist.
I have now messed three hours or so with OpenSSL to get a CRL generated
for my self-signed certificate, but I can't...
2019 Jun 16
0
Self-signed TLS client certificates
...iv>
(Yubikey, to be exact). I wanted Dovecot to accept that TLS client
</div>
<div>
certificate instead of a password. So I searched and found this wiki
</div>
<div>
page: <
<a href="https://wiki2.dovecot.org/SSL/DovecotConfiguration#Client_certificate_verification.2Fauthentication" rel="noopener" target="_blank">https://wiki2.dovecot.org/SSL/DovecotConfiguration#Client_certificate_verification.2Fauthentication</a>>
</div>
<div>
<br>
</div>
<div>
But that Wiki page says:...
2014 Jun 23
0
Wishlist: add a variable %{x509} expanding to the client cert in Dovecot-auth
...er %{pubkey} variable expanding to the (PEM-encoded) cert's
SubjectPublicKeyInfo block would surely be useful :-)
I wonder if there are other folks interested in having the client cert
available in the passdb.
Thanks,
cheers,
--
Guilhem.
[1] http://wiki2.dovecot.org/SSL/DovecotConfiguration#Client_certificate_verification.2BAC8-authentication
[2] http://www.postfix.org/postconf.5.html#relay_clientcerts
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/a...