![]() Import the CA.crt to zimbraReverseProx圜lientCertCA using libexec/zmclientcertmgr command. ![]() Organizational Unit Name (eg, section) :SupportĬommon Name (eg, your name or your server's hostname) : Ĥ. At the "Email Address" section, enter the username who needs to be authenticated using the cert. ![]() opt/zimbra/openssl/bin/openssl req -new -key user1.key -out user1.csrĮxample output. opt/zimbra/openssl/bin/openssl genrsa -out user1.key 2048 opt/zimbra/openssl/bin/openssl req -new -key CA.key -x509 -days 3650 -out CA.crt opt/zimbra/openssl/bin/openssl genrsa -out CA.key 2048 You need to create a CA cert/key pair and a client cert/key pair. Note: For testing purpose only in absence of commercial certs.Preparation Generate Self signed CA and client certs ![]() This feature is introduced in ZCS 7.1 (RFE 29625). This document is concentrating on how to do the client cert authentication in Nginx-Zimbra. This is certified documentation and is protected for editing by Zimbra Employees & Moderators only.Ĭlient certificate authentication is one part of Two-way SSL authentication, also commonly referred to as SSL mutual authentication, is the combination of server and client authentication.Ĭommonly server certificate authentication is done by Browser in a SSL connection, and client cert authentication is optional.
0 Comments
Leave a Reply. |