Jesse Kline said: > > I think I have it worked out now as per the previous posts. When I setup > my laptop with a dialup account I was able to send and receive mail once > I added telus.net to the /etc/mail/access file. Right now I am trying to > make it more secure by substituting pop3s for ipop3d. The problem I'm > having now is that every e-mail client I setup says that my certificate > is no go (I build it myself btw). What do I have to do? Mozilla says > that it's not trusted, so do I have to register it with a CA or > something? Also kmail says that it has expired, even through when I look > at the cert it doesn't expire 'till 2004. > For your email client to trust the certificate you made yourself you need to setup a CA on your linux machine too and sign the certificate you made for POP3 with the CA. You would also need to import the CA Certificate into your email client / browser so that the client would trust that CA. There is no other way, besides importing the CA, to get every browser to trust the CA by default unless you use a CA provider which would cost money. The reason those ones work is because those CA's are already imported into every browser by default. I've only worked with CA/Certificates for Apache so I'm not completely sure on how to go about it with email but it should be fairly similar. Reasons kmail might say it has expired is either it doesn't trust it or because you had just created it, kmail might think the date listed on the certificate is still in the future because the certificate creation time is in GMT. I have seen that problem with konquerer, if that is the problem then kmail should stop complaining about it being expired by tomorrow or once the date on your computer catches up with what it thinks the date on the certificate is :)
Cheers, Trevor
