Re: sendmail STARTTLS

GVG GVG Thu, 10 Jul 2008 07:41:55 -0700

On Thu, Jul 10, 2008 at 4:12 PM, Will Maier <[EMAIL PROTECTED]> wrote:


> On Thu, Jul 10, 2008 at 03:56:48PM +0200, GVG GVG wrote:
> > On Thu, Jul 10, 2008 at 3:33 PM, Will Maier <[EMAIL PROTECTED]> wrote:
> > > On Thu, Jul 10, 2008 at 02:08:30PM +0200, GVG GVG wrote:
> > > > ----------------------
> > > > define(`CERT_DIR', `MAIL_SETTINGS_DIR`'CA')dnl
> > > > define(`confCACERT_PATH', `CERT_DIR')dnl
> > > > define(`confCACERT', `CERT_DIR/cacert.pem')dnl
> > > > define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
> > > > define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl
> > > > define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
> > > > define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
> > > > ---------------------
> [...]
> > Yes they do exist:
> >
> > ------------------------------
> > -bash-3.2$ pwd
> > /etc/mail/CA
> > -bash-3.2$ ls -l
> > total 56
> > -rw-r--r--  1 root  wheel  1229 Jun 23 17:02 cacert.pem
> > -rw-r--r--  1 root  wheel   875 Jun 18 13:46 cacert.pm
> > -rw-------  1 root  wheel  3848 Jun 23 17:11 cert.pem
> > drwxr-xr-x  2 root  wheel   512 Jun 17 16:25 certs
> > drwxr-xr-x  2 root  wheel   512 Jun 23 17:17 crl
> > -rw-------  1 root  wheel     3 Jun 23 17:17 crlnumber
> > -rw-------  1 root  wheel    68 Jun 23 17:11 index.txt
> > -rw-------  1 root  wheel    21 Jun 23 17:11 index.txt.attr
> > -rw-r--r--  1 root  wheel     0 Jun 23 16:46 index.txt.old
> > -rw-r--r--  1 root  wheel  1679 Jun 23 17:04 key.pem
> > drwxr-xr-x  2 root  wheel   512 Jun 23 17:11 newcerts
> > drwx------  2 root  wheel   512 Jun 23 16:53 private
> > -rw-------  1 root  wheel     3 Jun 23 17:11 serial
> > -rw-r--r--  1 root  wheel     3 Jun 23 16:46 serial.old
> > -------------------
>
> You're missing my{cert,key}.pem.
>
> > and in the mail_log there is nothing recorded! No errors or
> > warnings!
>
> Did you restart sendmail?
>
> --
>
> o--------------------------{ Will Maier }--------------------------o
> | web:.......http://www.lfod.us/ | [EMAIL PROTECTED] |
> *---------------------[ BSD: Live Free or Die ]--------------------*
>
>
Sorry I did a mistake! The changes in the .mc file are:

----------------
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'CA')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/cacert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/key.pem')dnl
--------------

using the same certs for 'server' and 'client'! So the files do exist!

And yes I did restart sendmail! I actually did restart the whole box!

In a sendmail book I found following entry they suggested to put in the .mc
file. Could be the reason for my problems?

--------------
dnl define(`confCRL', `CERT_DIR/crl/crl.pem')dnl
-------------

Thanks

George

Re: sendmail STARTTLS

Reply via email to