[Dovecot] SSL Certifcates
Stephen Feyrer
steve at toth.org.uk
Fri Aug 8 00:33:51 EEST 2008
Timo Sirainen wrote:
> On Aug 7, 2008, at 2:49 PM, Stephen Feyrer wrote:
>
>> Hi anyone.
>>
>> Can dovecot be configured to authenticate user using only SSL
>> Certificates only and not ask for a password.
>>
>> So far I've got it taking the username from the common name of the
>> certificate but I like it to use the certificate in place of the
>> password.
>>
>> Is this possible and how?
>
>
> If you're that far, then you're already authenticating the user against
> the certificate. Or assuming you have ssl_require_client_cert=yes. Then
> just create a passdb that accepts any password as valid for the user
> (nopassword=yes extra field).
>
> In theory there's also this EXTERNAL SASL mechanism that could be used
> to log in without user/pass, but Dovecot doesn't currrently support that
> and I'm not aware of any clients supporting it either.
Hi Timo.
I have authenticating user against the certificate as you say and do
have ssl_require_client_cert=yes.
I'm using PAM to authenticate against my user database at the moment.
I'm still baffled... :)
--
kind regards
Stephen.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3309 bytes
Desc: S/MIME Cryptographic Signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20080807/49d26683/attachment.bin
More information about the dovecot
mailing list