Evolution & TLS Client Certificate authentication
Patrick
fedora-list at puzzled.xs4all.nl
Wed Mar 12 18:06:12 UTC 2008
Hi,
I'm wondering if anyone has been successful with getting Evolution to
authenticate to a Postfix server with a Client Certificate. My setup
works fine with Thunderbird but Evolution does not seem to send back its
p12 certificate when Postfix asks for it resulting in the following
error message:
warning: TLS library problem: 13127:error:140890C7:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a
certificate:s3_srvr.c:2458:
Here is the Postfix config that works fine with Thunderbird. It uses
port 587 as the mail submission port and forces TLS Client Certificate
SASL Authentication:
submission inet n - n - - smtpd
-o smtpd_etrn_restrictions=reject
-o smtpd_tls_loglevel=1
-o smtpd_tls_CAfile=/etc/postfix/CAcert.pem
-o smtpd_tls_security_level=encrypt
-o smtpd_tls_ask_ccert=yes
-o smtpd_tls_req_ccert=yes
-o smtpd_tls_fingerprint_digest=sha1
-o permit_tls_all_clientcerts
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
Anyone have this working with Evolution?
Thanks,
Patrick
More information about the fedora-list
mailing list