On Wed, 27 Mar 2002 at 8:36 PM Peter Palmreuther wrote:
|
|KG have also heard that one can create his own certificate using OpenSSL.
|
|You will not need to build a certificate.
|You'll only need the public part of servers key to have imported into your
|address book into 'Trusted Root CA' part.
|
|If your University does not offer to download the public key you can 'work
|around' this.
|
|Fetch OpenSSL compiled for Win32 from
|http://www.ritlabs.com/ftp/pub/the_bat/beta/openssl.rar
|Unrar it and open a command line shell (command.com or cmd.exe).
|
|Use this command from openssl-directory you extracted the content from
|RAR-archive to to connect to the server:
|
|openssl s_client -connect Mail-Server:Port -showcerts
|
|Port is usually 995 for POP3-over-SSL, Mail-Server you really should
|know best :-)
|
|Some stuff appears on screen. Then .. suddenly there's a line starting:
|
|-BEGIN CERTIFICATE-
|
|From _this line_, including it, until
|
|-END CERTIFICATE-
|
|also _including_, copy the whole block and save it with the help of
|Notepad, or any text editor of your choice, to a new text file.
|Call it to you preferences, but I'd suggest you make it's extension to
|'.pem'
|
|Now open up your TB!'s AB and go to 'Trusted Root CA'.
|Create a new contact, enter informations to your like.
|Enter the 'Certificates' tab and 'Import' the file you've just created.
|Save this new 'contact'.
|
|Enter the server settings of your mail account belonging to this server.
|At 'Transport' section change it to use 'Secure to dedicated port (TLS)'.
|
|You should be done. If not: copy the error message from log file
|(Ctrl+Shift+A) and paste it here so we maybe can give further hints.
|
|KG Maybe they could even post an FAQ sheet?
|
|Not yet :-) I'll need some _spare_ time for that :-)))
=
Might it be possible to incorporate this behavior into TB, so that when it discovers a
secure server; it gets the certificate, displays it and prompts me if I want to save
the certificate?
While the above works, it does seem like a lot to ask an end-user to do, especially
when other [inferior] email clients do it as I suggested.
Current Ver: 1.60k
FAQ: http://faq.thebat.dutaint.com
Unsubscribe: mailto:[EMAIL PROTECTED]
Archives : http://tbudl.thebat.dutaint.com
Moderators : mailto:[EMAIL PROTECTED]
TBTech List: mailto:[EMAIL PROTECTED]
Bug Reports: https://bt.ritlabs.com