Re: sasl EXTERNAL authentication by ssl certificate
Shouldn't you use "imaps://" instead of "imap://"?
On Sat, Dec 06, 2008 at 01:16:06PM +0600, mitrohin a.s. wrote:
> ehlo.
>
> mutt unable to authenticate in cyrus-imapd by ssl certificate with
> error - "No authenticators available".
>
> Configuration files:
>
> # imapd.conf
> sasl_mech_list: external plain login
>
> # .muttrc
> set ssl_starttls=yes
> set ssl_client_cert="~/.ssl/swp.pem"
> set folder="imap://mail.domain.tld/"
> set spoolfile="+INBOX"
> mailboxes "!"
> account-hook . 'unset imap_user; unset imap_pass; unset tunnel'
> account-hook imap://mail.domain.tld/ 'set imap_authenticators=EXTERNAL'
> #account-hook imap://mail.domain.tld/ 'set imap_user=swp; set
> imap_pass=XXXXXXXX; set imap_authenticators=LOGIN'
>
> # cyrus-imapd log messages
> Dec 6 11:52:09 bspu imap[9873]: received client certificate
> Dec 6 11:52:09 bspu imap[9873]:
> subject=/C=RU/ST=Altai/L=Barnaul/O=BSPU/OU=people/CN=swp/emailAddress=swp@xxxxxxxxx
> Dec 6 11:52:09 bspu imap[9873]: starttls: TLSv1 with cipher AES256-SHA
> (256/256 bits new) authenticated as swp
>
> # mutt -v
> Mutt 1.5.18 (2008-05-17)
> Copyright (C) 1996-2008 Michael R. Elkins and others.
> Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
> Mutt is free software, and you are welcome to redistribute it
> under certain conditions; type `mutt -vv' for details.
>
> System: FreeBSD 7.1-PRERELEASE (i386)
> ncurses: ncurses 5.6.20080503 (compiled with 5.6)
> libiconv: 1.11
> Compile options:
> -DOMAIN
> -DEBUG
> -HOMESPOOL +USE_SETGID +USE_DOTLOCK +DL_STANDALONE
> -USE_FCNTL +USE_FLOCK
> +USE_POP +USE_NNTP +USE_IMAP -USE_SMTP +USE_GSS +USE_SSL_OPENSSL
> -USE_SSL_GNUTLS +USE_SASL +HAVE_GETADDRINFO
> +HAVE_REGCOMP -USE_GNU_REGEX +COMPRESSED
> +HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET
> +HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM
> +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME
> -CRYPT_BACKEND_GPGME
> -EXACT_ADDRESS -SUN_ATTACHMENT
> -ENABLE_NLS -LOCALES_HACK +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET
> +HAVE_LANGINFO_YESEXPR
> +HAVE_ICONV -ICONV_NONTRANS -HAVE_LIBIDN +HAVE_GETSID -USE_HCACHE
> -ISPELL
> SENDMAIL="/usr/sbin/sendmail"
> MAILPATH="/var/mail"
> PKGDATADIR="/usr/local/share/mutt"
> SYSCONFDIR="/usr/local/etc"
> EXECSHELL="/bin/sh"
> -MIXMASTER
> To contact the developers, please mail to <mutt-dev@xxxxxxxx>.
> To report a bug, please visit http://bugs.mutt.org/.
>
> vvv.quote
> patch-1.5.0.ats.date_conditional.1
> dgc.deepif.1
> vvv.initials
> vvv.nntp
> patch-1.5.4.cd.ifdef.1
> rr.compressed
>
> /swp