I would like only computers that have a certificate installed to be able to connect via webmail to read the emails.
Is this possible? What kind of certificate is needed, and how should it be configured?
Thank you.
I don't believe this is possible.
Doug
Ben Franklin quote:
"Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety."
Client certificate authentication is possible, at least in theory.
You need to change the default service port 443 to listen at port 444.
Block access to port 444 from other hosts than localhost.
Then configure Apache to listen on 443 with mod_proxy and Zimbra LDAP as the authentication source (validate the client cert email against Zimbra).
When the client authenticates with its assigned certificate, Apache will then grant access to Zimbra on localhost:444.
What is missing is a custom authentication module which would relay the auth information from Apache to Zimbra on port 444.
The other way would be to skip using Apache as an auth proxy and use Jetty cca: client cert authenticator.
I haven't used either with Zimbra, but the basic concept isn't that difficult.
Managing client certificates just becomes a bit of a hassle if you have a lot of users.
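A sketch of the Apache front end described in the reply above, added here as an illustration and not taken from the thread or from Zimbra's documentation. It only gates the TLS connection on a client certificate from a private CA; users still log in to webmail with their Zimbra credentials, and the LDAP check and auth relay the reply mentions are not covered. The hostname, file paths and CA are placeholders, and Zimbra is assumed to have been moved to 127.0.0.1:444 with that port firewalled from other hosts.

```apache
# Added example (Apache 2.4). Needs mod_ssl, mod_proxy, mod_proxy_http.
# All names and paths below are placeholders, not values from the thread.
Listen 443
<VirtualHost *:443>
    ServerName mail.example.com

    SSLEngine on
    SSLCertificateFile    /etc/apache2/ssl/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl/server.key

    # Accept only client certificates issued by this private CA.
    # Do not point this at a public CA bundle, or any certificate
    # issued by a public CA would pass the check.
    SSLCACertificateFile  /etc/apache2/ssl/client-ca.crt
    SSLVerifyClient       require
    SSLVerifyDepth        1

    # Reject certificates that the CA has revoked (lost or retired machines).
    SSLCARevocationFile   /etc/apache2/ssl/client-ca.crl
    SSLCARevocationCheck  chain

    # Forward verified connections to Zimbra on the loopback port.
    SSLProxyEngine        on
    # The backend is reached by IP on loopback, so its certificate name
    # will not match; the name checks are relaxed for this hop only.
    SSLProxyCheckPeerName off
    SSLProxyCheckPeerCN   off
    ProxyPreserveHost     On
    ProxyPass             / https://127.0.0.1:444/
    ProxyPassReverse      / https://127.0.0.1:444/

    # Record which certificate was used for each request, for auditing.
    LogFormat "%h %t \"%r\" %>s cert=\"%{SSL_CLIENT_S_DN}x\" serial=%{SSL_CLIENT_M_SERIAL}x" clientcert
    CustomLog /var/log/apache2/webmail_clientcert.log clientcert
</VirtualHost>
```

With `SSLVerifyClient require`, a browser without a matching certificate fails the TLS handshake and never reaches the Zimbra login page.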