Hi, here some command need to run after install openssl and stunnel. It's provided by
my friend Wu Hui, who is a CA fan. Hope it's useful to you. :)
-HuangChun
1.generate the digital certificate:
private key is stored into file "test1key.pem"��
the content of certificate is stored into file "test1req.pem"
#cd /usr/local/ssl
#./bin/openssl req -new -keyout test1key.pem -out test1req.pem
2.Issue the digital certificate:
#cd /usr/local/ssl
# ./bin/openssl ca -policy policy_anything -infiles test1req.pem
3.save the certificate got from step 2 into the directory used by stunnel
4.check the content of certificate��
#cd the directory of step 4
# /usr/local/ssl/bin/openssl x509 -in 03.pem -text
5.get the password of private key
#cd /usr/local/ssl
#./bin/openssl rsa -in test1key.pem -out testkey.pem
6.modify the password of private key
#cd /usr/local/ssl
#./bin/openssl rsa -in test1key.pem -out testkey.pem -des3
7.start pop3d with stunnel:
#stunnel -d pop3s -p /usr/local/ssl/certs/stunnel.pem -l /var/qmail/bin/qmail-popup
...
-l is followed by the command used in inetd.conf for pop3d daemon.
>Does anyone have a working tcpserver w/stunnel configuration they'd like to
>share? From the list archives I gather a patch is in order however the
>last posts on the topic are from '98 and that code appears to be out-dated.
>
>I'm using stunnel 3.4a from the Debian packages (potato). I'm specifically
>interested in enabling SSL pop3, but seeing any configs for SSL smtp
>wouldn't be uninteresting either. TIA
>
>--
>Jamie Heilman http://wcug.wwu.edu/~jamie/
>"I was in love once -- a Sinclair ZX-81. People said, "No, Holly, she's
> not for you." She was cheap, she was stupid and she wouldn't load
> -- well, not for me, anyway." -Holly
_____________________________________________
һ·�����㣬��һ��ҲԸ�⣡
--Ϊ��ϲ����֧�ֵ�263�׶����ߣ�http://www.263.net��ͶһƱ��
��ҪͶƱ����http://fsurvey.cnnic.net.cn/survey/index.html��
