This page is just to write about things I did probably providing
useful information also for others. Topics are software, technical
issues, ...
Since a Gnupg update, the tool will refuse to perform decryption
when using only the private key. There is technically no reason
for this and gpg does not provide any easy option to regenerate
or calculate the public key from the private key or ways to ignore
the missing key. This article shows a hacky way to regenerate
4096 bit public keys from private keys using peculiarities of
the Openpgp storage format. Read
more...
Exim may use some fields from
SSL client certificates in the authentication procedure, e.g.
mailAddress, but others are not supported. The x500UniqueIdentifier
field is not understood, which could be used by Dovecot to force
the login user name to be the one from the SSL certificate. To
use x500UniqueIdentifier in Exim and Dovecot this QUITE HACKY
workaround can be used. Read
more...