Date: Wed, 20 May 2015 13:32:29 -0400 From: John Johnstone <jjohnstone@tridentusa.com> To: freebsd-questions@freebsd.org Subject: Re: docecot SSL/TLS without certificate Message-ID: <555CC52D.4030507@tridentusa.com> In-Reply-To: <555C7FDC.5050706@gmail.com> References: <555C7FDC.5050706@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/20/2015 8:36 AM, Ernie Luzar wrote: > Is there some way to configure Dovecot pop3 server to provide TLS > without Dovecot needing a certificate? The self signed cert that the > Dovecot manual shows you how to make is flagged as invaild / un-trusted > every time my thunderbird mail reading client fetches mail and I have to > answer question about accepting it. > > I see Dovecot has option to require client to also have a certificate > but no where does the Dovecot manual talk about what this certificate is > or how to build it. Will importing the Dovecot certificate to > Thunderbird stop Thunderbird from issuing that invaild / un-trusted > certificate error message? When Thunderbird makes a secure connection to an untrusted server it puts up the Add Security Exception prompt. At the bottom is a checkbox for Permanently store this exception. Just check that and you will only have to confirm the exception that one time. Thunderbird will store the certificate. You can take a look at it under Options > Advanced > Certificates > View Certificates. You won't need a client certificate. This is a fairly old article on SSL/TLS but most of it is probably still valid. https://tidbits.com/article/9049 You can read up on similar articles to help understand all of this. - John J.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?555CC52D.4030507>