Im lost on how to bring in Certs from Network Solutions.. Im trying to get TLS running TRUSTED. My OS redhat..and one of the problems TLS is working from inside to out but anyone replying command unknown STARTTLS=client, relay=mail.sterlingsavings.com., version=TLSv1/SSLv3, verify=FAIL, cipher=RC4-MD5, bits=128/128
They send me 4 files 1 AddTrustExternalCARoot.ca 2 UTNAddTrustServer_CA.crt 3 NetworkSolutions_CA.crt 4 (domain) ther.com This is the orginal CAperm I created .. [EMAIL PROTECTED] certs]# openssl x509 -in CAcert.pem -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 0 (0x0) Signature Algorithm: md5WithRSAEncryption Issuer: C=US, ST=New York, L=New York City, O=Reserve Funds, CN=smtp1.ther.com Validity Not Before: Mar 14 21:20:07 2007 GMT Not After : Mar 13 21:20:07 2008 GMT Subject: C=US, ST=New York, L=New York City, O=Reserve Funds, CN=smtp1.ther.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:a9:6c:cc:2b:3a:a2:4b:68:44:c4:89:34:ed:70: a9:aa:35:65:e7:03:75:ce:a5:66:f9:71:26:32:cf: b9:f6:90:fd:ab:bd:c4:b9:93:5f:bb:92:e9:fb:f6: 4f:be:09:5d:f7:b9:70:e4:fc:b6:fc:5e:1e:d9:ca: b6:79:ec:40:d1:80:8d:b5:a0:d9:7e:09:bc:4f:60: 2f:85:9a:a6:a5:cb:03:e9:f3:d4:66:26:dc:b9:31: dd:dc:d1:a6:27:4f:3e:6a:35:2c:15:dd:8d:af:3b: fd:45:b7:f6:fa:e2:68:76:65:f0:bb:62:9a:0f:45: c4:bf:e4:1f:de:63:e3:5f:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:CF:59:CB:7D:D6:8D:C6:33:49:68:DA:02:4D:4F:08:EB:11:76:AF X509v3 Authority Key Identifier: keyid:CC:CF:59:CB:7D:D6:8D:C6:33:49:68:DA:02:4D:4F:08:EB:11:76:AF DirName:/C=US/ST=New York/L=New York City/O=Reserve Funds/CN=smtp1.ther.com serial:00 X509v3 Basic Constraints: CA:TRUE Signature Algorithm: md5WithRSAEncryption 1a:bd:c1:88:39:02:9b:18:1d:9e:1e:a1:61:b7:cf:1f:2e:45: a3:a6:72:aa:40:ca:b4:de:45:1b:73:cf:8e:02:e5:56:97:20: d2:82:45:58:1f:07:6c:d3:7c:1a:17:3b:4b:57:e5:59:1a:b5: a1:ba:84:31:94:66:da:8e:96:1d:d5:51:57:95:95:e0:64:c2: 57:5b:90:b6:b5:19:1e:d6:2c:0f:37:6a:5f:9f:da:76:b0:f9: d0:cd:d2:97:f6:b5:7a:c6:36:55:b8:cd:ce:2c:d8:17:90:93: a9:aa:b5:87:bb:b9:1d:28:f3:13:00:79:8b:45:27:b6:da:c6: d6:37 [EMAIL PROTECTED] ~]# openssl s_client -starttls smtp -crlf -connect localhost:25 CONNECTED(00000003) depth=3 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust Externa l CA Root verify error:num=19:self signed certificate in certificate chain verify return:0 --- Certificate chain 0 s:/C=US/postalCode=10001/ST=NY/L=New York/streetAddress=1250 Broadway/O=Reser ve Management Corporation/OU=Network Services/OU=Secure Link SSL Pro/CN=smtp1.th er.com i:/C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate Authority 1 s:/C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate Authority i:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrus t.com/CN=UTN-USERFirst-Hardware 2 s:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrus t.com/CN=UTN-USERFirst-Hardware i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External C A Root 3 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External C A Root i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External C A Root --- Server certificate -----BEGIN CERTIFICATE----- MIIE9TCCA92gAwIBAgIRAJY/56pr2WmUjI1Jw159YowwDQYJKoZIhvcNAQEFBQAw YjELMAkGA1UEBhMCVVMxITAfBgNVBAoTGE5ldHdvcmsgU29sdXRpb25zIEwuTC5D LjEwMC4GA1UEAxMnTmV0d29yayBTb2x1dGlvbnMgQ2VydGlmaWNhdGUgQXV0aG9y aXR5MB4XDTA3MDMxNTAwMDAwMFoXDTA4MDMxNTIzNTk1OVowgdAxCzAJBgNVBAYT AlVTMQ4wDAYDVQQREwUxMDAwMTELMAkGA1UECBMCTlkxETAPBgNVBAcTCE5ldyBZ b3JrMRYwFAYDVQQJEw0xMjUwIEJyb2Fkd2F5MScwJQYDVQQKEx5SZXNlcnZlIE1h bmFnZW1lbnQgQ29ycG9yYXRpb24xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMx HDAaBgNVBAsTE1NlY3VyZSBMaW5rIFNTTCBQcm8xFzAVBgNVBAMTDnNtdHAxLnRo ZXIuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgnJIamYiQqq+7IcPr 4p7Ns41yQDgWiZzx8I4L4FIbh/pPtmFHSbsOe4NEboXoGQJjzXdyDzBURwaJKV53 pmDxI2P4AD79EqTaXQjuW3i1D+MtiTWaLk2kCLWM6CWsx8gH4Sp5Bqbk1t1PstnM BYjOoBgI2YNXNwJaNqExU+exFwIDAQABo4IBuTCCAbUwHwYDVR0jBBgwFoAUPEHi jwgIqUwliY1txTjQ/IWMYhcwHQYDVR0OBBYEFHkP4B5zmr46v6cmK8bC/9xvTH66 MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF BwMBBggrBgEFBQcDAjARBglghkgBhvhCAQEEBAMCBsAwWQYDVR0gBFIwUDBOBgwr BgEEAYYOAQIBAwEwPjA8BggrBgEFBQcCARYwaHR0cDovL3d3dy5uZXRzb2xzc2wu Y29tL3JlcG9zaXRvcnkvcmVseWluZ3BhcnR5MHoGA1UdHwRzMHEwNqA0oDKGMGh0 dHA6Ly9jcmwubmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zX0NBLmNybDA3 oDWgM4YxaHR0cDovL2NybDIubmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25z X0NBLmNybDBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAKGMGh0dHA6Ly93d3cu bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zX0NBLmNydDANBgkqhkiG9w0B AQUFAAOCAQEAj3NpBKQtLx7GuAknVAVgn4nP74+++4gwC6Y1gYYBVH9HIBBWCxnE ICOpf5jX6Gfo2D9VGBzkDblO0QeSGhVQbETlgMtJM8mtFRlPlsroHXAHn8kRt70+ Tzbguac/EKUzSnfTC6WJxC0U3nkBMiQiOPmk7bvfBZiQDrasFFVUq4G1ga9NzGaT cSKTPp+69DszEFOq0S6G87uwI9/UX90e7JOHts1n4OBW57AHQmwGNs6mDK7Y03HL IacO49G2aB7kmsra4Ikvngm8vaayqFDECMhfRQeu16H8cmQ/mE0dz66lKdCPcTQj xWUQvfNr5P6JkTw6YUdMfWSzNzyzgOMGpg== -----END CERTIFICATE----- subject=/C=US/postalCode=10001/ST=NY/L=New York/streetAddress=1250 Broadway/O=Re serve Management Corporation/OU=Network Services/OU=Secure Link SSL Pro/CN=smtp1 .ther.com issuer=/C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate Authori ty --- No client certificate CA names sent --- SSL handshake has read 5428 bytes and written 293 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 243B560219DCDDCC17C31932F8C91BA9A3178CF7C86CD623DBB729706897C75A Session-ID-ctx: Master-Key: B7B4A5E439347DBCAF4BD05F37EA875A50F09C7A60C0684B4A02A0B01D613C7F C8AD2626B0CD4986E2EF9F5DD79D548F Key-Arg : None Start Time: 1174221259 Timeout : 300 (sec) Verify return code: 19 (self signed certificate in certificate chain) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]