From owner-freebsd-questions@FreeBSD.ORG Wed Dec 29 19:14:27 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 30CD116A4D0 for ; Wed, 29 Dec 2004 19:14:27 +0000 (GMT) Received: from smtpout.mac.com (smtpout.mac.com [17.250.248.89]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE46A43D31 for ; Wed, 29 Dec 2004 19:14:26 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from mac.com (smtpin02-en2 [10.13.10.147]) by smtpout.mac.com (Xserve/MantshX 2.0) with ESMTP id iBTJEQic028781; Wed, 29 Dec 2004 11:14:26 -0800 (PST) Received: from [10.1.1.245] (nfw2.codefab.com [199.103.21.225] (may be forged)) (authenticated bits=0)iBTJEOBB022325; Wed, 29 Dec 2004 11:14:25 -0800 (PST) In-Reply-To: <41D30066.4020808@wilson.org.uk> References: <41D30066.4020808@wilson.org.uk> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Charles Swiger Date: Wed, 29 Dec 2004 14:14:23 -0500 To: Nick Wilson X-Mailer: Apple Mail (2.619) cc: freebsd-questions@freebsd.org Subject: Re: Sendmail TLS X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Dec 2004 19:14:27 -0000 On Dec 29, 2004, at 2:07 PM, Nick Wilson wrote: > if I set the permissions to add group readable, I get > > Dec 29 17:27:02 jericho sm-mta[659]: STARTTLS=server: file > /etc/certs/myca.key unsafe: Group readable file > > What owner, group and permissions should I set for myca.key? My .crt files have 644 permissions, and my .key files have 600 permissions, owned by root:daemon. [ Sendmail-8.12.11 + STARTTLS on FreeBSD-4.9 or 4.10... ] -- -Chuck