In the last episode (Jul 07), Marco Beishuizen said:
> On Tue, 6 Jul 2010, Dan Nelson wrote:
>
> > CA Roots are also self-signed, btw :) Addtrust is a valid CA Root, and is
> > the root for some certificates signed by Network Solutions and Comodo (and
> > probably others). Marco, the fetchmail manpage mentions a --sslcertfile
> > option; try adding "--sslcertfile /etc/ssl/cert.pem" to force fetchmail to
> > use the ca_root_nss file you installed previously. IMHO openssl should
> > automatically consult that file, but apparently it doesn't.
>
> Where do I add the "--sslcertfile" option? I do have a /etc/ssl/cert.pem
> file and fetchmail is started at boot-time (in rc.conf). The starting
> script of fetchmail in /usr/local/etc/rc.d/ isn't something to be changed
> I think. Or do I add the option in the .fetchmailrc file?
It's a commandline option, and from reading the manpage, apparently can be
added to a fetchmailrc:
Almost all options have a corresponding keyword which can be used
to declare them in a .fetchmailrc file.
[...]
--sslcertfile <file>
(Keyword: sslcertfile, since v6.3.17)
Sets the file fetchmail uses to look up local certificates.
If you wanted to add it to the commandline, you could put this in your
/etc/rc.conf: fetchmail_flags="--sslcertfile"
--
Dan Nelson
dnel...@allantgroup.com
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
