Sendmail [was OpenSSL]
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Wed Jul 14 16:32:50 UTC 2004
Am Mi, den 14.07.2004 schrieb James Kosin um 18:12:
> [root at beta mail]# ls -al /usr/share/ssl/certs
> total 284
> - -rw-r--r-- 1 root root 249373 Mar 17 18:35 ca-bundle.crt
> - -rw------- 1 root root 2336 Jul 13 10:14 sendmail.pem
> in sendmail.mc
> define(`confCACERT_PATH',`/usr/share/ssl/certs')
> define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
> define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
> James
James,
that will not work. You are using the "ca-bundle.crt" which comes with
Fedora but which is not the certificate of _your_ self-signing CA
(Certificate Authority). And what's missing is the hash link to the CA
cert required by OpenSSL.
Please consult following site
http://sial.org/howto/sendmail/tls-relay/
to get a good documentation and cookbook for running Sendmail and TLS,
especially creating the certificates. The sial.org site in whole is a
very good repository for helping documents. If you have questions you
are welcome to ask of course, but I think in this situation now it is
best to point you to the written documentation there.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) Athlon CPU kernel 2.6.6-1.435.2.3.uml
Serendipity 18:22:55 up 1 day, 16:05, load average: 0.16, 0.27, 0.25
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20040714/17e052d0/attachment-0008.bin
More information about the users
mailing list