Hi,
I've been reading the install guide for courier-mta on the website, and I am a
little confused by the configuration of the SSL features. In each case it
appears from the install guide that all you need is a digital certificate in
pem format to be in the correct location.
My understanding of how SSL works is that the client will use that certificate
to obtain the servers public key, which it will use to encrypt a session key,
which the server must then decrypt with its private key. The session key is
used for the duration of the information exchange once it is known to both
parties.
Nowhere in the guide does it say where to install the private key for the imap
/ smtp services, nor can I see it in the configuration files referenced.
Without the private key, how will any of these services decrypt messages
encrypted with the key contained in the public key certificate?
Am i missing something in how the protocol works or is there ju-ju afoot? I
just fail to see how the server is ever going to be able to decrypt a message
encrypted with the key contained in the certificate, which is the whole purpose
of having a digital certificate, the basis of trust to enable shared secrets...
Charles.
------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users