Thanks Colin that did the trick. I guess I did not search with the right terms to find that fix. Much appreciated!
Daniel Du Vall Castle Rock Colorado -----Original Message----- From: Colin [mailto:[email protected]] Sent: Wednesday, December 14, 2011 2:40 AM To: ASSP development mailing list Subject: Re: [Assp-test] SSL Certificates - Intermediate Mine are running with the cert and ca file concatenated as the cert file. Put the cert in the top of the file and the intermediary immediately below. I think I set this up before SSLCaFile was present as I remember asking on the forums. I have just changed one of my servers to separate out the intermediary CA File from the main cert and put the CA file in SSLCaFile and it works a charm. What does maillog say when you start ASSP up? It normally outputs something about your SSL certs if there's any problems. Regards, Colin. On 14/12/2011 06:36, Daniel K. Du Vall wrote: > I have this problem also and placing a path to the ca.pem file still fails a > test of the certificate > MX Server Pref Con-nect All-owed CanUse TLSAdv > CertOK TLSNeg SndrOK RcvrOK > mail.quadtrax.com > [173.8.247.229] 10 OK(70ms) OK(81ms) OK(304ms) OK(86ms) > FAIL OK(934ms) OK(96ms) OK(96ms) > Average 100% 100% 100% > 100% 0% 100% 100% 100% > > [000.455] --> STARTTLS > [000.540] <-- 220 2.0.0 Ready to start TLS > [000.540] STARTTLS command works on this server > [000.731] Cipher in use: AES256-SHA > [000.731] Connection converted to SSL > [000.732] Cert Authority: /C=IL/O=StartCom Ltd./OU=Secure Digital > Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA > [000.732] Cert Owner: > /description=578438-dM4OltnREibqiZqQ/CN=mail.quadtrax.com/[email protected] > [000.837] Cert NOT VALIDATED: unable to get local issuer > certificate > [000.837] So email is encrypted but the domain is not verified > [000.837] Cert Hostname VERIFIED (mail.quadtrax.com) > [000.838] ~~> EHLO checktls.com > > > /var/assp/certs/SSLquadtraxCRT.pem > /var/assp/certs/SSLquadtraxKEY.pem > /var/assp/certs/ca.pem > > SSLCertFile:=e5ea2...... > SSLKeyFile:=e5ea2....... > SSLCaFile:=e5ea2....... > ------------------------------------------------------------------------------ Cloud Computing - Latest Buzzword or a Glimpse of the Future? This paper surveys cloud computing today: What are the benefits? Why are businesses embracing it? What are its payoffs and pitfalls? http://www.accelacomm.com/jaw/sdnl/114/51425149/ _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Cloud Computing - Latest Buzzword or a Glimpse of the Future? This paper surveys cloud computing today: What are the benefits? Why are businesses embracing it? What are its payoffs and pitfalls? http://www.accelacomm.com/jaw/sdnl/114/51425149/ _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
