Sendmail [was OpenSSL]

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Wed Jul 14 16:32:50 UTC 2004


Am Mi, den 14.07.2004 schrieb James Kosin um 18:12:

> [root at beta mail]# ls -al /usr/share/ssl/certs
> total 284
> - -rw-r--r--  1 root root 249373 Mar 17 18:35 ca-bundle.crt
> - -rw-------  1 root root   2336 Jul 13 10:14 sendmail.pem

> in sendmail.mc

> define(`confCACERT_PATH',`/usr/share/ssl/certs')
> define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
> define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')

> James

James,

that will not work. You are using the "ca-bundle.crt" which comes with
Fedora but which is not the certificate of _your_ self-signing CA
(Certificate Authority). And what's missing is the hash link to the CA
cert required by OpenSSL.

Please consult following site

http://sial.org/howto/sendmail/tls-relay/

to get a good documentation and cookbook for running Sendmail and TLS,
especially creating the certificates. The sial.org site in whole is a
very good repository for helping documents. If you have questions you
are welcome to ask of course, but I think in this situation now it is
best to point you to the written documentation there.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) Athlon CPU kernel 2.6.6-1.435.2.3.uml
Serendipity 18:22:55 up 1 day, 16:05, load average: 0.16, 0.27, 0.25 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040714/17e052d0/attachment-0004.sig>


More information about the fedora-list mailing list