On Sun, Oct 11, 2015 at 3:16 PM, Sam Varshavchik <mr...@courier-mta.com> wrote:
> bit_hi te writes: > > > TLS_CERTFILE=/etc/courier-imap/imapd.pem >> TLS_DHPARAMS=/etc/courier-imap/imapd_dhparams.pem >> TLS_TRUSTCERTS=/etc/ssl/certs >> TLS_VERIFYPEER=PEER >> > > This requires the client to supply a valid certificate. With openssl > s_client, you must specify a valid client certificate file with the -cert > option. > Thought that with "TLS_VERIFYPEER=PEER" the client certificate was optional. Nonetheless, the behaviour is the same. I appreciate your help on this, but STARTTLS is taking too much time to put to work while SSL/TLS already works (and maybe is safer?). All the best! And thank you all for your work on Courier! P.S.: One thing that probably would improve documentation is to mention to cat the server cert, intermediate and root CA certs and set those as TLS_CERTFILE.
------------------------------------------------------------------------------
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
