core icon indicating copy to clipboard operation
core copied to clipboard
verified publisher icon dovecot

ssl_cert_username_cea: Use CertificateExactAssertion as username

Open minfrin opened this issue 2 years ago • 3 comments

Add the ssl_cert_username_cea parameter, which, when present, uses the CertificateExactAssertion as defined in RFC4523 appendix A.1 as the username.

minfrin avatar Jul 26 '23 11:07 minfrin

Quick ping on this one.

Keen to also contribute a ssl_cert_username_fingerprint=sha256 style option to match the functionality of postfix below, should I do this in the same PR or a new one?

https://www.postfix.org/postconf.5.html#permit_tls_clientcerts

minfrin avatar Aug 20 '23 12:08 minfrin

We'll try to come back to this soon.

cmouse avatar Sep 19 '23 08:09 cmouse