Sendmail with SSL

From test.coolscript.org
Jump to navigation Jump to search

Howto setup Sendmail with a CA signed certificate

  • Create private key
openssl genrsa -des3 -out server.key 2048
  • Create CSR
openssl req -new -key server.key -out server.csr
  • Remove Pwd
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
  • Alternative self sign:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
  • Edit /etc/mail/tls/starttls.m4
dnl Intermediate cert
define(`confCACERT',           `/etc/mail/tls/Postitive2.pem')dnl   # <= EDIT
Cert and key
define(`confSERVER_CERT',     `/etc/mail/tls/mail.domain.com.crt')dnl   # <= EDIT
define(`confSERVER_KEY',      `/etc/mail/tls/mail.domain.com.key')dnl   # <= EDIT
  • Test
openssl s_client -starttls smtp -connect mail.intern:25


  • Links

http://wiki.samat.org/CheatSheet/OpenSSL
https://groups.google.com/forum/#!topic/comp.mail.sendmail/fkMqNUxiL9Q
http://mikeberggren.com/post/4346878392/sendmail-tls-setup
http://mikeberggren.com/post/28429473721/chain-check


keys ssl intermediate mail tls starttls STARTTLS sendmail