Re: Error using Eudora, Sendmail and SSL

Mon, 18 Nov 2002 22:42:26 -0800 

In message <[EMAIL PROTECTED]> on Mon, 18 Nov 2002 
18:54:57 -0800, Ed Kasky <[EMAIL PROTECTED]> said:

ed> At 10:45 PM Monday, 11/18/2002, Richard Levitte - VMS Whacker wrote -=>
ed> >ed> Eudora has a client certificate that it received during it's first
ed> >ed> attempt to send through sendmail and it is trusted.
ed> >
ed> >Really?  OK, though that's an odd way to handle things.  You're sure
ed> >you're not micing up client and server certificates?
ed> 
ed> Did I choose my terms incorrectly?  Still learning my way around the 
ed> concepts...
ed> 
ed> Let's try this, when I first attempt to send through the server with SSL 
ed> enabled, Eudora will return an error "Cert chain not trusted.  Try adding 
ed> this certificate to your certificate database for SSL to succeed.  Cause: 
ed> {-6995}"
ed> 
ed> So, I add it to the trusted using the certificate manager and try to send 
ed> again which is when I get the errors I reported in my first message to the 
ed> list.

OK, that's a certificate that is needed for Eudora to be able to
validate the server certificate that sendmail sends to Eudora as
part of the ServerHello.  Probably the root certificate.  This
is not the client certificate that Eudora is supposed to send
to sendmail.

I don't run Eudora, so I've no idea what to tell you about it.  Try
looking for something called "Personal certificates" or something like
that.  The point is that you need to have a client certificate issued
to you, and it needs to be issued by a CA that that particular
sendmail trusts.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to