Sendmail SSL/TLS dummy Certs
Scott Taylor
scott at dctchambers.com
Fri May 7 18:51:15 UTC 2004
Rick Stevens said:
> Scott Taylor wrote:
>> Hello,
>>
>
> You need to edit your /etc/mail/sendmail.mc file and change the
> following macros:
>
> define(`CERT_DIR', `/path/to/your/certificates')
> define(`confCACERT_PATH', `CERT_DIR')
> define(`confCACERT',`CERT_DIR`'/cacert.pem')
> define(`confSERVER_CERT',`CERT_DIR`'/client.cert.pem')
> define(`confSERVER_KEY',`CERT_DIR`'/client.key.pem')
> define(`confCLIENT_CERT',`CERT_DIR`'/client.cert.pem')
> define(`confCLIENT_KEY',`CERT_DIR`'/client.key.pem')
Yeah, that's what I've been looking for, but they aren't in that file. So
where is this new RH getting these dummy certs from in the first place?
I'll try adding those lines, does it matter where in the file?
> That assumes you use the same keys for both client and server. If you
> want to use different files, change the appropriate lines. Once you
> make these changes, "/etc/rc.d/init.d/sendmail restart" should rebuild
> your /etc/mail/sendmail.cf file and you should be using your new certs.
Do I create these files the same as I created the Apache ones, or just use
the same files or what?
> I HIGHLY recommend you get a copy of the "Bat" book if you intend to do
> anything with sendmail. It's $60 US and worth every penny. The stuff I
> just described is on page 420 of the 3rd edition of the book. Get it.
I have it, just a bit old I think, seems this version has a lot of
different commands then when I bought that book (8.8.8 era).
Cheers.
Scott.
More information about the Redhat-install-list
mailing list