Is it working? Maybe.
I exchanged a couple emails with John Peacock and certainly got
further. I ended up having to CPAN the IO::Socket::SSL (?) module, which
was missing from my system.
Next run showed more errors. They ended up being due to path and
filename discrepancies. The plugins/tls_cert program creates an 'ssl'
directory in the pwd, so my first mistake was running it in the plugins
directory instead of the one above.
Within the ssl directory, the following files get created:
qpsmtpd-ca.crt
qpsmtpd-ca.key
qpsmtpd-server.crt
qpsmtpd-server.csr
qpsmtpd-server.key
Since none of them matched the following entry in config/plugins:
tls ssl/cert.pem ssl/privkey.pem
... it failed yet again. I changed the entry to:
tls ssl/qpsmtpd-server.crt ssl/qpsmtpd-server.key
Startup again, and no errors. When I attempted to connect using an
older version of Mozilla (0.9.8) with the SSL checked for outbound SMTP, I
was prompted to accept the certificate, which I did. The connection failed
due to a relay attempt, but it looks like the TLS stuff works. I noticed
the following logged:
CA file certs/my-ca.pem not found, using CA path instead.
TLS setup returning
I'm guessing that it's inconsequential.
So, is it working? I think so. However, the failure seems to be
that the auth plugin didn't actually run at all, hence the relay failure.
Progress, I guess :-)
Thanks, all, for the TLS help.
