Re: Sendmail [was OpenSSL]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Do, den 15.07.2004 schrieb James Kosin um 15:43:

> 	Just one side point or question.  How do you generate a key with a
> different serial number?  Or should I be using the same key for pop3s
> and semdmail TLS?

> James Kosin

Hi James!

It does not matter, as long as you don't use certificates for
authentication. From what I understand by your efforts you just want to
activate TLS, both for Sendmail as for POP3 (where it is called POP3s
then). In this case the certificate is only used for handshaking and
building an encrypted connection. The only important thing you must take
care for is to use as CN the real resolvable FQDN when creating the
certificate. Else some clients complain at every connection or they even
reject to connect due to a claimed insecure connection / mismatching
certificate detected. I myself simply name my mail server
mail.mydomain.tld and use that name for my users / customers for SMTP
(Sendmail) and IMAPs and POP3s.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) Athlon CPU kernel 2.6.6-1.435.2.3.uml
Serendipity 16:01:03 up 2 days, 13:43, load average: 1.25, 1.18, 1.11 

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux