View Single Post
  #1   (View Single Post)  
Old 10th June 2011
unixjingleman unixjingleman is offline
Fdisk Soldier
 
Join Date: Jan 2011
Posts: 70
Default confusion about imaps

Hi
I can connect from my mutt client box to my dovecot server after mkcert.sh has been run and the cert and key are in the correct location(according to dovecot config file) and "enable_plaintext_authentciation = no" is also in the dovecot.conf. Does this mean that user authentication is being performed by SSL or just that SSL is protecting an interior protocol that performs it's own authentication?.
If i run:
Code:
#openssl s_client -quiet -connect my_dovecot_server.domain:993
I get this in reponse:
Code:
verify return:1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
What confused me was that i read somewhere that in an imaps connection that the client sent the server a public key. I can connect from the mutt client host by typing my password. But, like i said before, is proper SSL authentication happening?. To get proper encrypted authentication and sessions do you have to be your own CA(and give the client host a cert) or go to an official CA etc or does the response i received and the fact that i can connect when enable_plaintext_authentication = no, indicate that I've already got these things? Or just one of them(authentication)?. I will post my configs if necessary.
Thank you very much for shedding some light on the subject

Last edited by unixjingleman; 10th June 2011 at 10:36 PM.
Reply With Quote