RE: how to setup dovecot to accept client certificates signed with a private CA when the server certificate is signed by a public CA

2022-08-08 Thread Marc
Have you added your root CA to where the rest of the ca certs are stored on your distribution? > > I forgot to say that this mail server has been working perfectly for > many years (but without client certificates). > > On Mon, Aug 8, 2022 at 6:42 PM jean-christophe manciot > wrote: > > > >

Re: how to setup dovecot to accept client certificates signed with a private CA when the server certificate is signed by a public CA

2022-08-08 Thread jean-christophe manciot
I forgot to say that this mail server has been working perfectly for many years (but without client certificates). On Mon, Aug 8, 2022 at 6:42 PM jean-christophe manciot wrote: > > @build+dove...@de-korte.org > > ssl_ca = contains actually the private CA certificate bundled with the > private

Re: how to setup dovecot to accept client certificates signed with a private CA when the server certificate is signed by a public CA

2022-08-08 Thread jean-christophe manciot
@build+dove...@de-korte.org ssl_ca = contains actually the private CA certificate bundled with the private CA CRL. ssl_cert = contains the public server certificate bundled with Let's Encrypt CA X3 cross-signed certificate. Maybe the latter should rather contain the root and intermediate

Re: rawlog data in a lua script

2022-08-08 Thread michael . zork
Hi Aki, On 08.08.22 13:54, Aki Tuomi wrote: Hi, Michael, did you consider my suggestion to use raw events instead of rawlogs for this? I was writing an answer to you next :-) As far as I can see, the "Event Export" only exports events of the requests, but not the full raw responses,

Re: rawlog data in a lua script

2022-08-08 Thread Aki Tuomi
Hi, Michael, did you consider my suggestion to use raw events instead of rawlogs for this? Aki > On 08/08/2022 14:52 EEST michael.z...@feierfighter.de wrote: > > > Hi, > > as far as I know I cannot configure Dovecot to pipe the rawlog into rsyslog. > Or can I, how? > > The rawlog feature

Re: rawlog data in a lua script

2022-08-08 Thread michael . zork
Hi, as far as I know I cannot configure Dovecot to pipe the rawlog into rsyslog. Or can I, how? The rawlog feature in Dovecot writes multiple files (two for each connection, one for raw requests and one for raw responses) into a predefined directory for the user. This generates dozens or

Re: rawlog data in a lua script

2022-08-08 Thread michael . zork
Hi Paul, I don't understand how to use your idea/script together with the rawlog feature of Dovecot. The rawlog feature in Dovecot writes multiple files (two for each connection, one for raw requests and one for raw responses) into a predefined directory for the user. This generates dozens or

Re: RFC 9266: Channel Bindings for TLS 1.3 support

2022-08-08 Thread Aki Tuomi
> On 02/08/2022 23:53 EEST * Neustradamus * wrote: > > > Hello all, > > I would like to know if it is possible to add RFC 9266: Channel Bindings for > TLS 1.3? > - https://datatracker.ietf.org/doc/html/rfc9266 > > Little details, to know easily: > - tls-unique for TLS =< 1.2 > -

pre-define or alter list of IMAP keywords

2022-08-08 Thread spi
I am using Dovecot 2.3.4.1 with sdbox and mostly Thunderbird on Linux and FairEmail on Android as IMAP clients. I use a defined set of IMAP keywords to allow different users to mark and filter their mails based on keywords. That works pretty well but I stumble across an issue from time to time:

Re: how to setup dovecot to accept client certificates signed with a private CA when the server certificate is signed by a public CA

2022-08-08 Thread Arjen de Korte
Quoting jean-christophe manciot: Hi everyone, I'm trying to set up dovecot to accept only client certificates created with a private CA: auth_ssl_require_client_cert = yes ssl_verify_client_cert = yes ssl_ca = This is wrong, you should enter your private CA here. If

how to setup dovecot to accept client certificates signed with a private CA when the server certificate is signed by a public CA

2022-08-08 Thread jean-christophe manciot
Hi everyone, I'm trying to set up dovecot to accept only client certificates created with a private CA: auth_ssl_require_client_cert = yes ssl_verify_client_cert = yes ssl_ca =