[GH-ISSUE #185] Client certificate authentication (Office 365 connector) #42

New issue

Closed

opened 2026-02-26 18:33:02 +03:00 by kerem · 2 comments

kerem commented 2026-02-26 18:33:02 +03:00

Owner

Copy link

Originally created by @JadRho on GitHub (Feb 18, 2025).
Original GitHub issue: https://github.com/decke/smtprelay/issues/185

Could client certificate authentication be used for the remote smtp server ?

The use case is for Office 365 with the connector enabled for subject name in the certificate.

local_cert and local_key are used only for the local part not with the upstream connection to the smtp server.

Originally created by @JadRho on GitHub (Feb 18, 2025). Original GitHub issue: https://github.com/decke/smtprelay/issues/185 Could client certificate authentication be used for the remote smtp server ? The use case is for Office 365 with the connector enabled for subject name in the certificate. local_cert and local_key are used only for the local part not with the upstream connection to the smtp server.

kerem closed this issue 2026-02-26 18:33:02 +03:00

kerem commented 2026-02-26 18:33:03 +03:00

Author

Owner

Copy link

@decke commented on GitHub (Feb 22, 2025):

It's definitely not possible at the moment but I can check if our SMTP client code can support it in the future.

<!-- gh-comment-id:2676080964 --> @decke commented on GitHub (Feb 22, 2025): It's definitely not possible at the moment but I can check if our SMTP client code can support it in the future.

kerem commented 2026-02-26 18:33:03 +03:00

Author

Owner

Copy link

@Bert-Proesmans commented on GitHub (Dec 13, 2025):

This feature would be useful to me too!

I looked into the code and it looks like the tls.Config struct could be configured with "Certificates" (https://pkg.go.dev/crypto/tls#Config). If my deduction is correct, then this feature (luckily) requires some plumbing to complete. I'll make an attempt, but don't hold your breath because my Go is bad.

github.com/decke/smtprelay@780ac71f74/smtp.go (L338-L343)
github.com/decke/smtprelay@780ac71f74/smtp.go (L364-L372)

<!-- gh-comment-id:3649759263 --> @Bert-Proesmans commented on GitHub (Dec 13, 2025): This feature would be useful to me too! I looked into the code and it looks like the tls.Config struct could be configured with "Certificates" (https://pkg.go.dev/crypto/tls#Config). If my deduction is correct, then this feature (luckily) requires some plumbing to complete. I'll make an attempt, but don't hold your breath because my Go is bad. https://github.com/decke/smtprelay/blob/780ac71f7420d19b7d6c0a37e6f62f9a85116577/smtp.go#L338-L343 https://github.com/decke/smtprelay/blob/780ac71f7420d19b7d6c0a37e6f62f9a85116577/smtp.go#L364-L372

kerem referenced this issue 2026-02-26 18:33:16 +03:00

[PR #42] [MERGED] Bump wangyoucao577/go-release-action from 1.19 to 1.20 #80

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/go_modules/github.com/rs/zerolog-1.35.1

dependabot/go_modules/github.com/DeRuina/timberjack-1.4.2

dependabot/go_modules/github.com/chrj/smtpd-1.0.0

dependabot/github_actions/step-security/harden-runner-2.19.0

dependabot/github_actions/github/codeql-action-4.35.2

add-service

v1.13.2

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.0

v1.8.0

v1.7.0

v1.6.0

v1.5.0

v1.4.0

v1.3.0

v1.2.0

v1.1.0

v1.0.1

v1.0.0

Labels

Clear labels   

bug

  

pull-request

Mirrored from GitHub Pull Request

No labels

bug

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/smtprelay#42

No description provided.