[rt-users] CA Client Certificates and RT 3.0.2???

Greg Boug gboug at unico.com.au
Wed May 21 02:16:42 EDT 2003


Hi all, 

I am having a bit of fun configuring RT. We use a client side
certificate on the web browsers to provide additional security 
for accessing the RT site. That all works fine for providing 
web access... 

The problem is when an email is sent to a queue... 

Lets say an email is sent to the 'foo' queue. Its intercepted
by rt-mailgate, which creates an LWP object and fobs it off
to the webserver. And boom. Webserver rejects the connection as
it doesn't have a valid user certificate. LWP doesn't appear
to support client certificates, so I don't think I can graft it
on (though if someone can point me in the direction of support
for this, I'd be grateful)

Has anyone had a situation like this? If so, what did you do 
to get around it? Is there a way to get rt-mailgate to go via
a programming interface, rather than doing a https request?
I guess its possible to have it avoid requiring a certificate
for specific locations by configuring Apache, but that defeats
the purpose of having the darn things ;-)

thanks in advance... ;)

Greg




More information about the rt-users mailing list