Am Do, den 15.07.2004 schrieb James Kosin um 15:43: > Just one side point or question. How do you generate a key with a > different serial number? Or should I be using the same key for pop3s > and semdmail TLS? > James Kosin Hi James! It does not matter, as long as you don't use certificates for authentication. From what I understand by your efforts you just want to activate TLS, both for Sendmail as for POP3 (where it is called POP3s then). In this case the certificate is only used for handshaking and building an encrypted connection. The only important thing you must take care for is to use as CN the real resolvable FQDN when creating the certificate. Else some clients complain at every connection or they even reject to connect due to a claimed insecure connection / mismatching certificate detected. I myself simply name my mail server mail.mydomain.tld and use that name for my users / customers for SMTP (Sendmail) and IMAPs and POP3s. Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) Athlon CPU kernel 2.6.6-1.435.2.3.uml Serendipity 16:01:03 up 2 days, 13:43, load average: 1.25, 1.18, 1.11
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
