Using client certificates

I’d appreciate some advice on how to setup axigen with Client SSL Certificates.

I have my own CA and Intermediate CA, and for axigen I created a “SSL Server certificate”, and an “SSL Client” certificate to test with.

I uploaded the Intermediate CA and Root CA as a PEM bundle as well.

I’ve been testing with the SMTP/IMAP services, when I select SSL, and “Request Certificate based authentication from Client”. I’ve even added the “Certificate authorities file” referencing the CA PEM bundle.

Connecting to either service, yields a “Unknown CA” error - regardless of whether I use the client certificate or even use the servers certificate during the test.

2024-03-01 07:43:57 +0000 02 axigen SMTP-IN:00000000: SSL alert remote, undefined:fatal:unknown CA 2024-03-01 07:43:57 +0000 02 axigen SERVER:00000000: SSL_accept error:0A000086:SSL routines::certificate verify failed

To test I’ve been using:

openssl s_client -connect -cert mail-client.crt -key mail-client.key -CAfile ca.crt

As a minimum I’d like to set it up that only “known” client certificates can connect - but if I could use the client certificate for user authentication as well, that would be great.

Any tips/advice?


Could you please confirm the Axigen version you are using and on which OS is installed?


Oh yes, sorry - I did mean to include that. I’m running in docker, a fresh install this week, so 10.5.16.