Re: [qmailtoaster] SSL Certificate

[Jake Vickers]

Dairenn Lombard wrote:

Outlook warns users about the self-signed certificate when trying to do
SSL over SMTP; we were wondering what we would need to do in order to
resolve that issue?  The thinking is along the lines of obtaining an SSL
certificate that matches the hostname of the server, but I'm not clear
how we would go about putting that certificate in place on the Qmail
toaster we have.
I would search the mailing list archives, but I keep getting htdig
errors when doing so.
 

registerfly.com is a good place to get a cert (only $15 a year). Here's 
a how-to that Erik Espinoza posted a while back:

1) Generate key:
# openssl genrsa -des3 -out servercert.key.enc 1024

2) Decrypt key:
# openssl rsa -in servercert.key.enc -out servercert.key

3) Generate Cert Request
# openssl req -new -key servercert.key -out servercert.csr

4) Went to RegisterFly, submitted servercert.csr for a trusted cert
($15). Got back file, called it servercert.crt

5) Create std pem, put in /var/qmail/control/servercert.pem
# cat servercert.key servercert.crt > /var/qmail/control/servercert.pem

6) Restart qmail
# service qmail restart

Also you can use this signed cert for apache by putting the
servercert.key in /etc/httpd/conf/ssl.key/server.key and putting
servercert.crt in /etc/httpd/conf/ssl.crt/server.crt



---------------------------------------------------------------------
    QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]