search for: client_certificate_verification

Displaying 3 results from an estimated 3 matches for "client_certificate_verification".

2019 Jun 16
2
Self-signed TLS client certificates
...for client TLS certificates. I have a self-signed certificate whose private key resides on a smartcard (Yubikey, to be exact). I wanted Dovecot to accept that TLS client certificate instead of a password. So I searched and found this wiki page: <https://wiki2.dovecot.org/SSL/DovecotConfiguration#Client_certificate_verification.2Fauthentication> But that Wiki page says: > The CA file should contain the certificate(s) followed by the matching > CRL(s). Note that the CRLs are required to exist. I have now messed three hours or so with OpenSSL to get a CRL generated for my self-signed certificate, but I can't...
2019 Jun 16
0
Self-signed TLS client certificates
...iv> (Yubikey, to be exact). I wanted Dovecot to accept that TLS client </div> <div> certificate instead of a password. So I searched and found this wiki </div> <div> page: < <a href="https://wiki2.dovecot.org/SSL/DovecotConfiguration#Client_certificate_verification.2Fauthentication" rel="noopener" target="_blank">https://wiki2.dovecot.org/SSL/DovecotConfiguration#Client_certificate_verification.2Fauthentication</a>> </div> <div> <br> </div> <div> But that Wiki page says:...
2014 Jun 23
0
Wishlist: add a variable %{x509} expanding to the client cert in Dovecot-auth
...er %{pubkey} variable expanding to the (PEM-encoded) cert's SubjectPublicKeyInfo block would surely be useful :-) I wonder if there are other folks interested in having the client cert available in the passdb. Thanks, cheers, -- Guilhem. [1] http://wiki2.dovecot.org/SSL/DovecotConfiguration#Client_certificate_verification.2BAC8-authentication [2] http://www.postfix.org/postconf.5.html#relay_clientcerts -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/a...