I have an original sendmail.pem that was generated with /etc/pki/tls/certs/make-dummy-cert (which is similar to /etc/pki/tls/certs/Makefile), but it's now expired.
I tried to use the script below to extract the key, subject, and serial #, and generate a new cert based on the same, but for whatever reason Thunderbird balks at it with: Oct 27 16:59:26 mail sendmail[6025]: STARTTLS=server, error: accept failed=0, SSL_error=1, errno=0, retry=-1, relay=macbook.redfish-solutions.com [192.168.1.17] Oct 27 16:59:26 mail sendmail[6025]: STARTTLS=server: 6025:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:s3_pkt.c:1195:SSL alert number 42 Oct 27 16:59:26 mail sendmail[6025]: q9RMxQX8006025: macbook.redfish-solutions.com [192.168.1.17] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA What am I missing? And should that makefile have a: %.repem: %.pem dummy target that updates a cert? Or do we need a update-dummy-cert script additionally? Here's the script that I used to update the cert. Thanks, -Philip
repem.sh
Description: Bourne shell script
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
