Date:  Mon, 15 Oct 2007 17:00:24 -0400
From:  "Greg Shaffer" <shaffer.greg (at mark) gmail.com>
Subject:  [coba-e:10898] Re: Certificate issue
To:  coba-e (at mark) bluequartz.org
Message-Id:  <c0d82ef30710151400v30e1dfe9wbbe7c439a15a94b2 (at mark) mail.gmail.com>
In-Reply-To:  <19a401c80e2f$b5f54120$010510ac@gregg>
References:  <200710110157.l9B1v0iH088894 (at mark) info.eis.net.au>	 <20071012150734.h1mul6ho2s0k8skc (at mark) webhost05.perpetua.org.uk>	 <20071012235134.3ea81c04 (at mark) patricko>	 <20071012183802.kzkteis6ckkg080k (at mark) webhost05.perpetua.org.uk>	 <20071012205043.M58934 (at mark) mediapie.nl>	 <0a8a01c80d6c$a9cbe480$010510ac (at mark) gregg>	 <c0d82ef30710131643k663eba9ar8069e4fff8e27cd3 (at mark) mail.gmail.com>	 <19a401c80e2f$b5f54120$010510ac (at mark) gregg>
X-Mail-Count: 10898

Gregg <greggk1 (at mark) cox.net> wrote:
>
> Thanks, I still haven't gotten it to work yet.
> I created the certificate for the main server site, is that a problem?

No, actually I have come to the conclusion that at least as far as
email goes, you only need the cert for the main server/host and then
you use that host name as your pop over SSL and smtp over SSL hosts.

I'm not sute, but I think what you may be missing is that in addition
to /etc/admserv/certs, you need another copy of the same cert (and
associated files)  in /usr/share/ssl/certs as per what I said here;

> > I also used the host certificate in /usr/share/ssl/certs
> > for sendmail.  The format is slightly different in that you have to
> > combine the cert and the key in one file (sendmail.pem , which just
> > contains the text lines from each of the 2 files).  You also need a
> > copy of the goddady bundle renamed "ca-bundle.crt" .

Once you do that, you need to restart saslauthd.

I hope this helps.

Greg


-- 
Greg Shaffer