Results 1 to 3 of 3

Thread: Access with certificate

  1. #1
    Join Date
    Aug 2012
    Posts
    1
    Rep Power
    3

    Default Access with certificate

    Would that only computers that have installed a certificate could connect via webmail to read the emails .
    Is this possible? What kind of certificate and how it should be configured?

    Thank you.

  2. #2
    Join Date
    Dec 2009
    Location
    Michigan
    Posts
    454
    Rep Power
    5

    Default

    I don't believe this is possible.

    Doug
    Ben Franklin quote:

    "Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety."

  3. #3
    Join Date
    Jul 2009
    Location
    Jyväskylä, Finland
    Posts
    83
    Rep Power
    6

    Default

    Client certificate authentication is possible, atleast in theory.
    You need to change the default service port 443 to listen at port 444.
    Block access to port 444 from other hosts than localhost.
    Then configure apache to listen at 443 with mod_proxy and zimbra ldap as authentication source(validate client cert email against zimbra).
    When client authenticates with assigned certificate apache will then grant access to zimbra in localhost:444.

    What is missing is custom authentication module which would relay the auth information from apache to zimbra in port 444.

    Other way would be to skip using apache as auth proxy and use jetty cca:client cert authenticator
    I haven't used either with zimbra, but the basic concept isn't that difficult.

    Managing client certificates just becomes bit of a hassle if you have alot of users.

Similar Threads

  1. Replies: 0
    Last Post: 05-15-2012, 06:47 AM
  2. Replies: 0
    Last Post: 01-28-2010, 12:17 AM
  3. Replies: 5
    Last Post: 04-27-2009, 06:53 PM
  4. Certificate fun...
    By TommyTheKid in forum Administrators
    Replies: 2
    Last Post: 02-12-2008, 04:32 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •