sendmail and Certificate Authority
Hello,
I am running a server from home. I have a apache webserver, an e-mail server, a dhcp server, and so on. Everything seems to work fine, and I can only thank Linux OS for that ease and stability. I would like for to connect and transact using ssl. Therefore, I got myself a certificate from a CA. Everything works well with the apache web server. I used the same certificate for dovecot-IMAP without to many problem. The head breaker comes with sendmail. I cannot find out where to include or tell the sendmail server to look for my certificate. I look around the web, I tried changing the CERT "section" in sendmail.mc file. When I restart my e-mail client, I keep on getting that my certificate is for the localhost.localdomain. Then, of course, when I try to send e-mail, some servers will reject my message due to the fact that my certificate and my address are not the same. Anyone knows where and what I can change to make the certificate to my name and no more to locahost.localdomain. Thanks Cheers |
You need to set these options in your mc and create a new cf
Code:
define(`confCACERT_PATH',`/path_to_certs_location') |
Hi there,
I include these commands in what I called the "Cert section". I thought that these commands were telling sendmail where to look for my certificate. So I retried the whole procedure to make sure. When I restart my mail client, I get the same error message, that my certificate is being held by "localhost.localdomain". I don't know where or what to look for anymore. |
Something like this may help. There are lots of howtos on creating certificates around.
http://www.openssl.org/docs/HOWTO/certificates.txt Edit - note you will need to use the correct fqdn to avoid the type of message you are getting |
Hi there,
But I have certificates. It seems to work perfectly with my apache webserver, and with my dovecot-imap server. I just don't understand why sendmail does not recongizes certificate. It keeps on telling me that the certificate for "localhost.localdomain" is not approriate, which I know. That is why I create a certificate from a CA. My question still stands. Where can I look into my sendmail server, to tell it to not take the localhost certificate but the one I created. Cheers |
If you have the correct values there then it should pick up the correct certificate.
|
Hi there,
I thank everyone that help me with this problem. I guess I made a fool of myself. The certificate is there, and sendmail picks it up. Something else gave the message "Unable to verify localhost.localdomain certificate". I apologize to everyone, because the problem came from my /etc/hosts file. For a reason or another, the line "127.0.0.1 localhost.localdomain localhost" disappear. As soon as I put this line back, the message did not show anymore. In the future, I will try to look at all the possible details. Anyways, thank you again for your answers. It still brought me alot of understanding about sendmail. Cheers |
Red-herring recipes
:rolleyes: It happens to us all. :rolleyes: Don't worry about a red-herring... just break out the capers and maybe a nice light wine and have dinner.
|
Dang, just when I was going to ask you about your hosts file. :D
No need to apologize. Thank you for coming back and posting the resolution to your problem. That helps when someone else has a similar issue they'll now know to check their /etc/hosts file. It's all good!!! |
All times are GMT -5. The time now is 10:44 PM. |