On Wed, 27 Mar 2002 at 8:36 PM Peter Palmreuther wrote: | |KG> have also heard that one can create his own certificate using OpenSSL. | |You will not need to build a certificate. |You'll only need the public part of servers key to have imported into your |address book into 'Trusted Root CA' part. | |If your University does not offer to download the public key you can 'work |around' this. | |Fetch OpenSSL compiled for Win32 from |http://www.ritlabs.com/ftp/pub/the_bat/beta/openssl.rar |Unrar it and open a command line shell (command.com or cmd.exe). | |Use this command from openssl-directory you extracted the content from |RAR-archive to to connect to the server: | |openssl s_client -connect <Mail-Server>:<Port> -showcerts | |<Port> is usually 995 for POP3-over-SSL, <Mail-Server> you really should |know best :-) | |Some stuff appears on screen. Then .. suddenly there's a line starting: | |-----BEGIN CERTIFICATE----- | |>From _this line_, including it, until | |-----END CERTIFICATE----- | |also _including_, copy the whole block and save it with the help of |Notepad, or any text editor of your choice, to a new text file. |Call it to you preferences, but I'd suggest you make it's extension to |'.pem' | |Now open up your TB!'s AB and go to 'Trusted Root CA'. |Create a new contact, enter informations to your like. |Enter the 'Certificates' tab and 'Import' the file you've just created. |Save this new 'contact'. | |Enter the server settings of your mail account belonging to this server. |At 'Transport' section change it to use 'Secure to dedicated port (TLS)'. | |You should be done. If not: copy the error message from log file |(<Ctrl>+<Shift>+A) and paste it here so we maybe can give further hints. | |KG> Maybe they could even post an FAQ sheet? | |Not yet :-) I'll need some _spare_ time for that :-))) =============
Might it be possible to incorporate this behavior into TB, so that when it discovers a secure server; it gets the certificate, displays it and prompts me if I want to save the certificate? While the above works, it does seem like a lot to ask an end-user to do, especially when other [inferior] email clients do it as I suggested. ________________________________________________________ Current Ver: 1.60k FAQ : http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://bt.ritlabs.com
