John McCoy, Jr wrote:
> Exactly what certs and keys are needed and in what format?
Did you read the patch? Do you understand how SSL certificates work?
- provide a certificate in /var/qmail/control/cert.pem.
"make cert" makes a self-signed certificate.
"make cert-req" makes a certificate request.
Note: nsCertType must be = server,client or be a generic
certificate (no usage specified). If you want to use
a separate cert in qmail-remote (SMTP client), then
s/cert\.pem/clientcert\.pem/ in qmail-remote.c.
cert.pem must be a complete certificate, private key and all. Read the
Makefile post-tls-patch and see what the 'cert' target and the 'cert-req'
target do, it should answer both your questions.
--
Jamie Heilman http://audible.transient.net/~jamie/
"I was in love once -- a Sinclair ZX-81. People said, "No, Holly, she's
not for you." She was cheap, she was stupid and she wouldn't load
-- well, not for me, anyway." -Holly
