On Wed, 31 Aug 2011 16:34:08 +0300, gaby wrote:
I use postfix with TLS optiion.I create certificates in same mod as
postfix documentation.It is Ok,postfix is perfect functionaly
I import CA certificate from PEM format in DER format then was
installed
in
wihttps://www.hachmer.de/?_task=mail&_id=3540788874e5e6600794b1&_action=compose#ndows
as trusted certificate.
Which certification store you exactly use? In windows 7 it is called
"Trusted Root Certification Authorities".
Verify to store it in the current user account store as well as in the
computer account store.
When I send email with outlook,or outlook express,is received follow
error:
"The server you are connected to is using a security certificate that
could not be verified.
A certificate that can only be used as an end-entity is being used as
a
CA or visa versa.
Do you want to continue using this server?"
If click yes It function normaly.
What is problem with CA certificate?
Maybe you configured postfix to use the CA certificate? You should use
a server certificate signed by your own created CA.
Key usage must contain "server authentication" - oid 1.3.6.1.5.5.7.3.1
(http://www.oid-info.com/get/1.3.6.1.5.5.7.3.1) and may contain if
you're going to use ist "client authentication" - oid 1.3.6.1.5.5.7.3.2
(http://www.oid-info.com/get/1.3.6.1.5.5.7.3.2).
Greetz, Tobias
