Page 1 of 1

Cannot choose client cert auth when using private client cert

Posted: Tue Jun 27, 2017 5:56 pm
by Erik-NA
Have configured Zimbra to use client cert auth.

https://wiki.zimbra.com/wiki/Client_Cer ... rtificates

When creating my mail account in ZCO I use <mailserver>:<port>/certauth as Server Name, my email address and a random password (when using client cert auth the password is not used, but ZCO requires to input one).
When selecting OK or Apply ZCO presents a cert selector where I should select my private cert. But I cannot choose my cert, there is a message saying "No certificates meet the application criteria".

When accessing my mail in the webbrowser (Firefox, IE or Edge) it is working.

This is a bug posted, https://bugzilla.zimbra.com/show_bug.cgi?id=107940

Just wondering if anyone else have hit this bug? And if there is any solution besides waiting for ZImbra to fix it, which I have been doing since may.

Example, which criteria must a private cert fulfill in ZCO?

I'm stuck...

Re: Cannot choose client cert auth when using private client cert

Posted: Fri Feb 14, 2020 2:59 pm
by neutronscott
I know this is old but I guess you and I are the only ones trying to use certauth in ZCO. :)

I have optioned a case about this. ZCO logs show it iterating over all the certs and saying none of them match. I've tried creating certs with CN=<user>/emailAddress=<user@domain.com> as the wiki has and throwing different things in the username field in the ZCO setup all to no avail...

I don't think it should filter certs at all. Let the user decide. ugh