John McCoy, Jr wrote:
> No one responded to me when I spelled it out.
That happens, life's a bitch.
> here is the Makefile stuff:
[snip]
> This looks to me like the commands for requesting a cert and key. I already
> have them. I need to know how qmail is going to want them now, some programs
> want them in a single file with no password protection, I tried that it
> didn't work.
Have you tried running them and examining the output? Then maybe comparing
them to the cert data you have? I already said that both the key and the
cert need to be in the file. Which if you examine those make commands is
exactly what you end up with. How did you test your setup with the
key+cert combo? What is "didn't work"?
> Others want to seperate files and will prompt you for a
> password as they start up, that didn't work either. That is all I know how
> to do, is there another way? I tried two files without a password on the
> privet key too. Do I need a CA file possibly?
Everything you need to know is in the header of the patch file. It tells
you every additional control file, and what they are used for. It gives
examples of how to generate them. You may need a list of CAs, it depends
on which aspect of SMTP/TLS you are trying to make work. If you want to
allow relaying based on signed personal certificates, for example, you will
need a list of CAs which you want to accept placed into
/var/qmail/control/clientca.pem as well as the email addresses placed in
/var/qmail/control/tlsclients
--
Jamie Heilman http://audible.transient.net/~jamie/
"We must be born with an intuition of mortality. Before we know the words
for it, before we know there are words, out we come bloodied and squalling
with the knowledge that for all the compasses in the world, there's only
one direction, and time is its only measure." -Rosencrantz
