Guest_imported
Hello Sendmail-freaks,
After a lot of tries, I don't get my TLS working correctly.
I think it encrypts, but it seems it can't read the certificate completely. In the headers of the email you'll see the following after receipt:
(version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO)
In the maillog I get the following:
sm-mta[8453]: starting daemon (8.12.2): SMTP+queueing@01:00:00
sm-mta[8453]: STARTTLS=server, Diffie-Hellman init, key=512 bit (1)
sm-mta[8453]: STARTTLS=server, init=1
sm-mta[8453]: started as: /usr/local/sbin/sendmail -L sm-mta -O LogLevel=14 -bd -q1h
sm-mta[8074]: STARTTLS=server, relay=windows2000 [192.168.0.2], version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128
sm-mta[8074]: STARTTLS=server, cert-subject=, cert-issuer=
sm-mta[8074]: AUTH: available mech=LOGIN PLAIN ANONYMOUS, allowed mech=LOGIN PLAIN GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
sm-mta[8074]: AUTH=server, relay=windows2000 [192.168.0.2], authid=unix, mech=LOGIN, bits=0
sm-mta[8074]: g1BFASxs008074: from=<unix@chello.nl>, size=792, class=0, nrcpts=1, msgid=<DCEOKNMNLJMDPKFHLMPHOEAPCGAA.unix@chello.nl>, proto=ESMTP, daemon=MTA, relay=windows2000 [192.168.0.2]
As one can see, sendmail recognized the key as a 512 bit key, but I am sure that I made it 1024 bit with openssl.
I am my own CA so it's a self-issued certificate.
Is this behaviour because of this, or is it another problem? Of course I looked through all sendmail tutorials, but I can't seem to find a solution. Does anyone have a clue what I am doing wrong?
Thanks.
Rick
---
"Time is the best teacher. Unfortunately, it kills all its pupils"
- Hector-Louis Berlioz
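
Added example (not part of the post above, and not sendmail's own code): a small Python audit of the maillog lines quoted in the post. It reports the 512-bit value as the size of the Diffie-Hellman parameters rather than of the certificate key, and flags the RC4-MD5 cipher, verify=NO and LOGIN authentication. The thresholds, token list and finding names are assumptions chosen for illustration.

```python
import re

# Constructed sample: maillog lines from the post above, wrapped lines rejoined.
SAMPLE = """\
sm-mta[8453]: STARTTLS=server, Diffie-Hellman init, key=512 bit (1)
sm-mta[8074]: STARTTLS=server, relay=windows2000 [192.168.0.2], version=TLSv1/SSLv3, verify=NO, cipher=RC4-MD5, bits=128/128
sm-mta[8074]: STARTTLS=server, cert-subject=, cert-issuer=
sm-mta[8074]: AUTH=server, relay=windows2000 [192.168.0.2], authid=unix, mech=LOGIN, bits=0
"""

MIN_DH_BITS = 2048                                   # assumption: local policy floor
WEAK_TOKENS = ("RC4", "MD5", "DES", "EXP", "NULL")   # assumption: local policy
PLAINTEXT_MECHS = {"LOGIN", "PLAIN"}

LINE_RE = re.compile(r"\S+\[(\d+)\]: (.*)")          # "prog[pid]: message"
DH_RE = re.compile(r"Diffie-Hellman init, key=(\d+) bit")
KV_RE = re.compile(r"([\w-]+)=([^,]*)")              # comma-separated key=value

def audit(log_text):
    """Return sorted (pid, code, detail) findings for STARTTLS/AUTH lines."""
    findings, strong_tls = set(), set()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        pid, msg = m.groups()
        dh = DH_RE.search(msg)
        if dh:
            # Size of the DH parameters set up at start, not the certificate key.
            if int(dh.group(1)) < MIN_DH_BITS:
                findings.add((pid, "weak-dh", dh.group(1)))
            continue
        f = dict(KV_RE.findall(msg))
        if "cipher" in f:
            if any(t in f["cipher"] for t in WEAK_TOKENS):
                findings.add((pid, "weak-cipher", f["cipher"]))
            else:
                strong_tls.add(pid)
            # verify=NO: the peer presented no certificate, so the
            # cert-subject/cert-issuer fields for that peer are empty.
            if f.get("verify") == "NO":
                findings.add((pid, "no-peer-cert", f.get("relay", "").strip()))
        elif f.get("AUTH") == "server" and f.get("mech") in PLAINTEXT_MECHS:
            # LOGIN/PLAIN are only as protected as the TLS layer under them.
            if pid not in strong_tls:
                findings.add((pid, "plaintext-auth-weak-tls", f["mech"]))
    return sorted(findings)
```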