[ Matthias Fechner wrote on Wed 29.Aug'12 at 11:20:37 +0200 ]

> Am 29.08.12 12:38, schrieb AN:
> > Trying to configure TLS and sendmail using the following steps
> 
> I use:
> cd /etc/mail/certs
> 
> 
> Create a CA:
> 
> - Edit /etc/ssl/openssl.cfn -> default_days    = 1825
> - Generate CAcertificate
> -> /usr/src/crypto/openssl/apps/CA.pl -newca
> cp demoCA/cacert.pem .
> 
> Create a key:
> 
> /usr/src/crypto/openssl/apps/CA.pl -newreq
> 
> Remove passphrase from key:
> 
> openssl rsa -in newkey.pem -out key.pem
> 
> Sign key:
> 
> /usr/src/crypto/openssl/apps/CA.pl -sign
> 
> Set permissions:
> 
> chmod 0600 *
> 
> Sendmail:
> 
> define(`confCACERT_PATH',`/etc/mail/certs')
> define(`confCACERT',`/etc/mail/certs/cacert.pem')
> define(`confSERVER_CERT',`/etc/mail/certs/newcert.pem')
> define(`confSERVER_KEY',`/etc/mail/certs/key.pem')
> define(`confCLIENT_CERT',`/etc/mail/certs/newreq.pem')
> define(`confCLIENT_KEY',`/etc/mail/certs/key.pem')
> 
> DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
> DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
> 
> Bye,
> Matthias

That's very handy info, I am planning on setting up TLS for sendmail myself. So 
thanks to the OP for asking that question, although i'm sure there's loads of 
info on the net as well. I've only used Postfix before now, but since 
installing FBSD on this machine I thought i'd stick to using base MTA.

Jamie
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to