TLS config help

Tue, 28 Aug 2012 23:38:48 -0700 

Following the directions at 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/openssl.html
Trying to configure TLS and sendmail using the following steps

# openssl dsaparam -rand -genkey -out myRSA.key 1024
# openssl gendsa -des3 -out myca.key myRSA.key
# openssl req -new -x509 -days 365 -key myca.key -out new.crt


]# ls -l /etc/certs/
total 10
-rw-r--r--  1 root  wheel   963 Aug 29 05:39 cert.pem
-rw-------  1 root  wheel   804 Aug 29 05:50 myRSA.key
-rw-------  1 root  wheel  1264 Aug 29 05:51 myca.key
-rw-r--r--  1 root  wheel  1773 Aug 29 05:53 new.crt
-rw-r--r--  1 root  wheel   603 Aug 29 05:39 req.pem

After restarting sendmail I get the following in /var/log/mailog

Aug 29 05:39:55 mail sm-mta[8574]: NOQUEUE: stopping daemon, reason=signal
Aug 29 05:39:55 mail sm-mta[8618]: starting daemon (8.14.5): SMTP+queueing@00:30:00 Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server, error: SSL_CTX_use_PrivateKey_file(/etc/certs/myca.key) failed Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server: 8618:error:0906D06C:PEM routines:PEM_read_bio:no start line:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem_lib.c:648:Expecting: X509 CRL Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server: 8618:error:0906406D:PEM routines:PEM_def_callback:problems getting password:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem_lib.c:105: Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server: 8618:error:0906A068:PEM routines:PEM_do_header:bad password read:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem_lib.c:406: Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server: 8618:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/ssl_rsa.c:669: Aug 29 05:39:55 mail sm-mta[8618]: started as: /usr/sbin/sendmail -L sm-mta -bd -q30m 

Any help is appreciated.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to