Andrew McNabb wrote: > smtp_tls_security_level = fingerprint > smtp_tls_fingerprint_digest = sha1 > > and then set the smtp_tls_fingerprint_cert_match option based on the > output of: > > openssl x509 -fingerprint -noout -sha1 -in > /secrets-mcnabbs/certs/mail.mcnabbs.org.crt > > Anyway, I thought that might come in handy for someone.
Great tip, Andrew. > By the way, I've always done self-signed certificates for home stuff > because it's not worth paying crooks like Verisign. Have things > improved recently? Are there any free certificate authorities that are > reasonable to work with? I do my own certificates signed by my own certificate authority. That way I can just have someone download my ca certificate and load it into their system and then everything I do is validated for them. Several companies offer free certs for individuals. One company is startssl.com. They also offer unlimited certs for $50 a year. But I have no experience in dealing with them. -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
