Justin Ellison wrote:
> >From http://www.stunnel.org/faq/certs.html
>
> openssl req -new -x509 -days 365 -nodes -config stunnel.cnf -out
> stunnel.pem -keyout stunnel.pem
This worked (thanks to Trond as well). I just didn't know I was supposed
to make my own certificate, but now that I did, it works. Now, next
question. A certificate always applies to a single host/domain name. If the
server is being accessed by different domain names, the same certificate will
generate a warning because what's in it, and what the client is issuing
doesn't match. Is there any way to have a certificate serve different
domains? Or do I have to have multiple versions of imapd/s to be able to
treat this?
My server is being accessed by mail.<domain>.<tld> (where <domain>.<tld>
can be any number of the hosted domains that are on the system), so unless
someone accesses mail by using the actual server name, they'll always get
that warning (mail.<whatever>.<tld> doesn't match blah blah blah)..
Should I take this up with the openssl/stunnel folks?
--
W |
| I haven't lost my mind; it's backed up on tape somewhere.
|____________________________________________________________________
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ashley M. Kirchner <mailto:[EMAIL PROTECTED]> . 303.442.6410 x130
SysAdmin / Websmith . 800.441.3873 x130
Photo Craft Laboratories, Inc. . eFax 248.671.0909
http://www.pcraft.com . 3550 Arapahoe Ave #6
.................. . . . . Boulder, CO 80303, USA
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list