Friday, April 21, 2006

magic-smtpd and TLS

To get magic-smtpd working with TLS:

Starting from my qmailrocks.org installation of qmail, I made a symlink from /var/qmail/bin/magic-smtpd to /var/qmail/bin/qmail/qmail-smtpd.

I then configured a bunch of files in /etc/magic-mail/control. The ones applicable to TLS can be seen here, in the output provided by magic-smtpd -s:

loaded | tls_cadir | /usr/lib/courier/rootcerts/
default | tls_cafile | (null)
loaded | tls_certificate | /var/qmail/control/servercert.pem
loaded | tls_dhparams | /var/qmail/control/servercert.pem
loaded | tls_enable | 1
loaded | tls_keyfile | /var/qmail/control/servercert.pem
default | tls_password | (null)

The problem I found with the .pem file created in the qmailrocks.org instructions was that it doesn't contain the DH part. So I found that if I followed the relevant instructions for magic-smtpd and cat'ed the DH to my .pem, things worked.

The other tip is to make sure the CN (Common Name) is the FQDN of your mail server.
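
Added example (not part of the original post, and not the magic-smtpd instructions themselves): a shell check that the single .pem named by tls_certificate, tls_keyfile and tls_dhparams holds a certificate, a private key and DH parameters, and that the CN matches the server's FQDN. The function names, the example hostname and the use of openssl dhparam to create the DH block are assumptions.

```shell
#!/bin/sh
# Added example: verify the combined PEM that tls_certificate, tls_keyfile
# and tls_dhparams all point to. Function names are hypothetical.

# Print the names of missing blocks, space separated; empty when complete.
missing_pem_sections() {
    pem=$1
    missing=""
    grep -q -e '-----BEGIN CERTIFICATE-----' "$pem" || missing="$missing certificate"
    grep -q -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' "$pem" || missing="$missing key"
    grep -q -e '-----BEGIN DH PARAMETERS-----' "$pem" || missing="$missing dhparams"
    echo "${missing# }"
}

# Generate DH parameters and append them to the PEM (assumed equivalent of
# "cat the DH onto the .pem"; size defaults to 2048 bits).
append_dhparams() {
    pem=$1; bits=${2:-2048}
    tmp=$(mktemp) || return 1
    openssl dhparam -out "$tmp" "$bits" && cat "$tmp" >> "$pem"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Print the certificate's Common Name.
cert_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt multiline |
        sed -n 's/^ *commonName *= *//p'
}

# Full check: every block present and CN equal to the expected FQDN.
check_tls_pem() {
    pem=$1; fqdn=$2
    m=$(missing_pem_sections "$pem")
    [ -z "$m" ] || { echo "missing: $m"; return 1; }
    cn=$(cert_cn "$pem")
    [ "$cn" = "$fqdn" ] || { echo "CN '$cn' != '$fqdn'"; return 1; }
    echo "ok"
}

# Usage: sh check-pem.sh /var/qmail/control/servercert.pem mail.example.com
if [ $# -eq 2 ]; then check_tls_pem "$1" "$2"; fi
```

Current TLS clients match the hostname against the certificate's subjectAltName entries when present, so put the FQDN there as well as in the CN.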
