At 12:01 01.08.2001, Per-fredrik Pollnow (EPK) wrote:
>Hi,
>
>I think I'm getting on you nerves in this mailing list with my SSL crap,
>but I need to get it to work.
>
>OK, This is what I have done: I have remake qmail-1.03 with tls.patch, and
>I replaced the qmail-smtpd and qmail-remote binary. I have done a
>/var/qmail/control/servercert.pem (and I have openssl installed (default
>in the O/S [OpenBSD2.9] hmm else I couldn't install the cert.)).
>
>That's it, But I get this error messages in my client:
>
>Unable to establish a SSL connection with the server. Account:
>'136.225.42.56', Server: '136.225.42.56', Protocol: SMTP, Server Response:
>'454 TLS not available: missing RSA private key (#4.3.0)', Port: 25,
>Secure(SSL): Yes, Server Error: 454, Error Number: 0x800CCC7F
>
>If someone knows what the problem is, please mail me and the mailing list
>a E-mail :=).
Incidentally I just got this to work yesterday on a server of mine. I had
initial problems too, but I got rid of them with the following steps:
- on "make cert" in the patched qmail-1.03 dir, entered the machines
hostname for "Common name (...)"
- removed "fixcrio" from the qmail-smtpd invocation line (hmm, try removing
rblsmtpd too if you use it?)
- created /var/qmail/control/tlsserverciphers with "DEFAULT" as the only
content
I dunno which of the above steps are really necessary, but it works here
now with Eudora-5.1 as the client. Now I have to find out how to teach
qmail-pop3 TLS...
Franz.
