From 6de040cebdca3b82bc4065cf9f0d325e5dea682a Mon Sep 17 00:00:00 2001
From: vlaborie
Date: Sat, 13 May 2017 22:21:42 +0200
Subject: [PATCH] Add dovecott to SSLauth

---
 HowtoSSLauth.md | 33 ++++++++++++++++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git a/HowtoSSLauth.md b/HowtoSSLauth.md
index 231af94b..de14e16d 100644
--- a/HowtoSSLauth.md
+++ b/HowtoSSLauth.md
@@ -35,10 +35,41 @@ ssl_client_certificate /etc/ssl/certs/CA.pem;
 ssl_verify_client require;
 ~~~
 
+### Dovecot
+
+/etc/dovecot/conf.d/10-ssl.conf
+
+~~~
+ssl = yes
+ssl_ca = /etc/ssl/certs/CA.pem
+ssl_cert_username_field = commonName
+~~~
+
+/etc/dovecot/conf.d/10-auth.conf
+
+~~~
+auth_ssl_require_client_cert = yes
+auth_ssl_username_from_cert = yes
+passdb {
+ driver = passwd-file
+ args = /etc/dovecot/passwd-file
+
+ deny = no
+ master = no
+ pass = no
+}
+~~~
+
+/etc/dovecot/passwd-file
+
+~~~
+jdoe:{plain}::::::nopassword
+~~~
+
 ## Coté client
 
 ### Curl
 
 ~~~
 curl --cert ./client.crt --key ./client.key -u "user:pass" "https://example.com"
-~~~
+~~~
\ No newline at end of file