Mercurial > dovecot > original-hg > dovecot-1.2
diff dovecot-example.conf @ 4695:07afd19bc53e HEAD
Updates to ssl_ca_file and ssl_username_from_cert comments in
dovecot-example.conf. Added better logging for "Invalid certificate". Patch
by HenkJan Wolthuis (hj wolthuis kaw nl)
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 16 Oct 2006 01:07:10 +0300 |
parents | 3b49b9ec87dc |
children | abf9a1234b99 |
line wrap: on
line diff
--- a/dovecot-example.conf Mon Oct 16 00:31:20 2006 +0300 +++ b/dovecot-example.conf Mon Oct 16 01:07:10 2006 +0300 @@ -95,6 +95,8 @@ #ssl_key_password = # File containing trusted SSL certificate authorities. Usually not needed. +# The CAfile should contain the CA-certificate(s) followed by the matching +# CRL(s). CRL checking is new in dovecot .rc1 #ssl_ca_file = # Request client to send a certificate. @@ -902,8 +904,9 @@ # Require a valid SSL client certificate or the authentication fails. #ssl_require_client_cert = no - # Take the username from client's SSL certificate, using X509_NAME_oneline() - # which typically uses subject's Distinguished Name. + # Take the username from client's SSL certificate, using + # X509_NAME_get_text_by_NID() which returns the subject's DN's + # CommonName. #ssl_username_from_cert = no # It's possible to export the authentication interface to other programs: