If you want client certificate based login, do the following:
Get a copy of a client certificate and the CA certificate which signed it.
Import the CA certificate as a Trusted Certificate Authority (see 23.5.1 Obtaining Certificates).
Use the Store Administrator you created during your Messaging Server installation.
For more information, see the 20.4 Specifying Administrator Access to the Store
Create a certmap.conf file for the MMP. For example:
certmap default default default:DNComps default:FilterComps e=mail |
This means to search for a match with the e field in the certificate DN by looking at the mail attribute in the LDAP server.
Edit your ImapProxyAService.cfg file and do the following:
If you want client certificates with POP3, repeat Step 5 for the PopProxyAService.cfg file.
If the MMP is not already running, start it with the following command in the msg-svr-base/sbin directory:
start-msg mmp
Import the client certificate into your client. In NetscapeTM Communicator, click on the padlock (Security) icon, then select Yours under Certificates, then select Import a Certificate... and follow the instructions.
All your users will have to perform this step if you want to use client certificates everywhere.