cyradm cannot connect to cyrus imap server
Dan White
dwhite at olp.net
Fri Feb 21 10:22:55 EST 2014
On 02/21/14 16:11 +0100, Willy Offermans wrote:
>You are pointing to EXTERNAL, next to PLAIN and LOGIN. I do not understand
>this mechanism yet. At the moment I believe I have PLAIN password wrapped
>into TLS. So I already do starttls client authentication. What will EXTERNAL
>do?
TLS client authentication is a scenario where you perform TLS
authentication where the client also has a certificate. The server can
then use the contents of the client certificate to derive the username
(with no password, per se). For example, 'cyradm --tlskey <file>'.
The EXTERNAL mechanism should not be offered unless TLS client
authentication was successful during the starttls step.
--
Dan White
More information about the Info-cyrus
mailing list