Im lost on how to bring in Certs from Network Solutions.. Im trying
to get TLS running TRUSTED. My OS redhat..and one of the problems
TLS is working from inside to out but anyone replying command unknown
STARTTLS=client, relay=mail.sterlingsavings.com., version=TLSv1/SSLv3,
verify=FAIL, cipher=RC4-MD5, bits=128/128
They send me 4 files
1 AddTrustExternalCARoot.ca
2 UTNAddTrustServer_CA.crt
3 NetworkSolutions_CA.crt
4 (domain) ther.com
This is the orginal CAperm I created ..
[EMAIL PROTECTED] certs]# openssl x509 -in CAcert.pem -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=New York, L=New York City, O=Reserve Funds,
CN=smtp1.ther.com
Validity
Not Before: Mar 14 21:20:07 2007 GMT
Not After : Mar 13 21:20:07 2008 GMT
Subject: C=US, ST=New York, L=New York City, O=Reserve Funds,
CN=smtp1.ther.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:a9:6c:cc:2b:3a:a2:4b:68:44:c4:89:34:ed:70:
a9:aa:35:65:e7:03:75:ce:a5:66:f9:71:26:32:cf:
b9:f6:90:fd:ab:bd:c4:b9:93:5f:bb:92:e9:fb:f6:
4f:be:09:5d:f7:b9:70:e4:fc:b6:fc:5e:1e:d9:ca:
b6:79:ec:40:d1:80:8d:b5:a0:d9:7e:09:bc:4f:60:
2f:85:9a:a6:a5:cb:03:e9:f3:d4:66:26:dc:b9:31:
dd:dc:d1:a6:27:4f:3e:6a:35:2c:15:dd:8d:af:3b:
fd:45:b7:f6:fa:e2:68:76:65:f0:bb:62:9a:0f:45:
c4:bf:e4:1f:de:63:e3:5f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:CF:59:CB:7D:D6:8D:C6:33:49:68:DA:02:4D:4F:08:EB:11:76:AF
X509v3 Authority Key Identifier:
keyid:CC:CF:59:CB:7D:D6:8D:C6:33:49:68:DA:02:4D:4F:08:EB:11:76:AF
DirName:/C=US/ST=New York/L=New York City/O=Reserve
Funds/CN=smtp1.ther.com
serial:00
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: md5WithRSAEncryption
1a:bd:c1:88:39:02:9b:18:1d:9e:1e:a1:61:b7:cf:1f:2e:45:
a3:a6:72:aa:40:ca:b4:de:45:1b:73:cf:8e:02:e5:56:97:20:
d2:82:45:58:1f:07:6c:d3:7c:1a:17:3b:4b:57:e5:59:1a:b5:
a1:ba:84:31:94:66:da:8e:96:1d:d5:51:57:95:95:e0:64:c2:
57:5b:90:b6:b5:19:1e:d6:2c:0f:37:6a:5f:9f:da:76:b0:f9:
d0:cd:d2:97:f6:b5:7a:c6:36:55:b8:cd:ce:2c:d8:17:90:93:
a9:aa:b5:87:bb:b9:1d:28:f3:13:00:79:8b:45:27:b6:da:c6:
d6:37
[EMAIL PROTECTED] ~]# openssl s_client -starttls smtp -crlf -connect
localhost:25
CONNECTED(00000003)
depth=3 /C=SE/O=AddTrust AB/OU=AddTrust External TTP
Network/CN=AddTrust Externa
l CA Root
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/C=US/postalCode=10001/ST=NY/L=New York/streetAddress=1250
Broadway/O=Reser
ve Management Corporation/OU=Network
Services/OU=Secure Link SSL Pro/CN=smtp1.th
er.com
i:/C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate Authority
1 s:/C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate Authority
i:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST
Network/OU=http://www.usertrus
t.com/CN=UTN-USERFirst-Hardware
2 s:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST
Network/OU=http://www.usertrus
t.com/CN=UTN-USERFirst-Hardware
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust
External C
A Root
3 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust
External C
A Root
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust
External C
A Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIRAJY/56pr2WmUjI1Jw159YowwDQYJKoZIhvcNAQEFBQAw
YjELMAkGA1UEBhMCVVMxITAfBgNVBAoTGE5ldHdvcmsgU29sdXRpb25zIEwuTC5D
LjEwMC4GA1UEAxMnTmV0d29yayBTb2x1dGlvbnMgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5MB4XDTA3MDMxNTAwMDAwMFoXDTA4MDMxNTIzNTk1OVowgdAxCzAJBgNVBAYT
AlVTMQ4wDAYDVQQREwUxMDAwMTELMAkGA1UECBMCTlkxETAPBgNVBAcTCE5ldyBZ
b3JrMRYwFAYDVQQJEw0xMjUwIEJyb2Fkd2F5MScwJQYDVQQKEx5SZXNlcnZlIE1h
bmFnZW1lbnQgQ29ycG9yYXRpb24xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMx
HDAaBgNVBAsTE1NlY3VyZSBMaW5rIFNTTCBQcm8xFzAVBgNVBAMTDnNtdHAxLnRo
ZXIuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgnJIamYiQqq+7IcPr
4p7Ns41yQDgWiZzx8I4L4FIbh/pPtmFHSbsOe4NEboXoGQJjzXdyDzBURwaJKV53
pmDxI2P4AD79EqTaXQjuW3i1D+MtiTWaLk2kCLWM6CWsx8gH4Sp5Bqbk1t1PstnM
BYjOoBgI2YNXNwJaNqExU+exFwIDAQABo4IBuTCCAbUwHwYDVR0jBBgwFoAUPEHi
jwgIqUwliY1txTjQ/IWMYhcwHQYDVR0OBBYEFHkP4B5zmr46v6cmK8bC/9xvTH66
MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjARBglghkgBhvhCAQEEBAMCBsAwWQYDVR0gBFIwUDBOBgwr
BgEEAYYOAQIBAwEwPjA8BggrBgEFBQcCARYwaHR0cDovL3d3dy5uZXRzb2xzc2wu
Y29tL3JlcG9zaXRvcnkvcmVseWluZ3BhcnR5MHoGA1UdHwRzMHEwNqA0oDKGMGh0
dHA6Ly9jcmwubmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zX0NBLmNybDA3
oDWgM4YxaHR0cDovL2NybDIubmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25z
X0NBLmNybDBMBggrBgEFBQcBAQRAMD4wPAYIKwYBBQUHMAKGMGh0dHA6Ly93d3cu
bmV0c29sc3NsLmNvbS9OZXR3b3JrU29sdXRpb25zX0NBLmNydDANBgkqhkiG9w0B
AQUFAAOCAQEAj3NpBKQtLx7GuAknVAVgn4nP74+++4gwC6Y1gYYBVH9HIBBWCxnE
ICOpf5jX6Gfo2D9VGBzkDblO0QeSGhVQbETlgMtJM8mtFRlPlsroHXAHn8kRt70+
Tzbguac/EKUzSnfTC6WJxC0U3nkBMiQiOPmk7bvfBZiQDrasFFVUq4G1ga9NzGaT
cSKTPp+69DszEFOq0S6G87uwI9/UX90e7JOHts1n4OBW57AHQmwGNs6mDK7Y03HL
IacO49G2aB7kmsra4Ikvngm8vaayqFDECMhfRQeu16H8cmQ/mE0dz66lKdCPcTQj
xWUQvfNr5P6JkTw6YUdMfWSzNzyzgOMGpg==
-----END CERTIFICATE-----
subject=/C=US/postalCode=10001/ST=NY/L=New York/streetAddress=1250
Broadway/O=Re
serve Management Corporation/OU=Network
Services/OU=Secure Link SSL Pro/CN=smtp1
.ther.com
issuer=/C=US/O=Network Solutions L.L.C./CN=Network Solutions
Certificate Authori
ty
---
No client certificate CA names sent
---
SSL handshake has read 5428 bytes and written 293 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 243B560219DCDDCC17C31932F8C91BA9A3178CF7C86CD623DBB729706897C75A
Session-ID-ctx:
Master-Key:
B7B4A5E439347DBCAF4BD05F37EA875A50F09C7A60C0684B4A02A0B01D613C7F
C8AD2626B0CD4986E2EF9F5DD79D548F
Key-Arg : None
Start Time: 1174221259
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
