How to _mandatory upgrade to TLS_ with sieve or other cyrus services?
Thomas Harding
tom at thomas-harding.name
Fri Jul 10 11:28:28 EDT 2009
Hello,
I use imaps with a single CA (home made), which make me able to filter
users basing on trusted-CA signed certificates.
This allows me to restrict user's login on their ability to present
a certificate signed by my CA, and only by it (that's what I hope),
as I disabled all services but imaps and sieve.
However, I can't find how to obtain the same behavior with sieve :
it still allows non-encrypted sessions.
My version is a Debian packaged one:
ii cyrus-imapd-2.2 2.2.13-14+b3
Here the relevant lines of my /etc/imapd.conf :
tls_cert_file: /etc/ssl/certs/xxxxxxxxxxx.pem
tls_key_file: /etc/ssl/private/xxxxxxxxxxxxxx.key.pem
tls_ca_file: /etc/ssl/certs/xxxxxxxxxxxx.pem
tls_require_cert: true
How to disable non-TLS sessions on sieve, and more generally for any
cyrus service?
T.Harding
More information about the Info-cyrus
mailing list