Date: Wed, 29 Aug 2012 06:38:13 -0400 (EDT)
From: AN <andy@neu.net>
To: freebsd-questions@freebsd.org
Subject: TLS config help
Message-ID: <alpine.BSF.2.00.1208290601530.80429@mail.neu.net>

Following the directions at
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/openssl.html

Trying to configure TLS and sendmail using the following steps

# openssl dsaparam -rand -genkey -out myRSA.key 1024
# openssl gendsa -des3 -out myca.key myRSA.key
# openssl req -new -x509 -days 365 -key myca.key -out new.crt

]# ls -l /etc/certs/
total 10
-rw-r--r--  1 root  wheel   963 Aug 29 05:39 cert.pem
-rw-------  1 root  wheel   804 Aug 29 05:50 myRSA.key
-rw-------  1 root  wheel  1264 Aug 29 05:51 myca.key
-rw-r--r--  1 root  wheel  1773 Aug 29 05:53 new.crt
-rw-r--r--  1 root  wheel   603 Aug 29 05:39 req.pem

After restarting sendmail I get the following in /var/log/mailog

Aug 29 05:39:55 mail sm-mta[8574]: NOQUEUE: stopping daemon, reason=signal
Aug 29 05:39:55 mail sm-mta[8618]: starting daemon (8.14.5): SMTP+queueing@00:30:00
Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server, error: SSL_CTX_use_PrivateKey_file(/etc/certs/myca.key) failed
Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server: 8618:error:0906D06C:PEM routines:PEM_read_bio:no start line:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem_lib.c:648:Expecting: X509 CRL
Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server: 8618:error:0906406D:PEM routines:PEM_def_callback:problems getting password:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem_lib.c:105:
Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server: 8618:error:0906A068:PEM routines:PEM_do_header:bad password read:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem_lib.c:406:
Aug 29 05:39:55 mail sm-mta[8618]: STARTTLS=server: 8618:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/ssl_rsa.c:669:
Aug 29 05:39:55 mail sm-mta[8618]: started as: /usr/sbin/sendmail -L sm-mta -bd -q30m

Any help is appreciated.
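
Added example, not part of the original message: a Python triage of the sendmail STARTTLS log lines quoted above, plus a check of whether a PEM private key file is passphrase-protected, which is what `-des3` in the `gendsa` step produces. The function names and the sample key text are assumptions constructed for illustration.

```python
import re

# OpenSSL error-queue entry: error:<code>:<library>:<function>:<reason>:<file>:<line>:
ERR_RE = re.compile(r"error:[0-9A-F]{8}:[^:]+:[^:]+:([^:]+):")
FAIL_RE = re.compile(r"STARTTLS=server, error: (\w+)\(([^)]+)\) failed")
PASSPHRASE_REASONS = {"problems getting password", "bad password read", "bad decrypt"}

def triage(log_lines):
    """Return (failed_call, file, reasons, needs_passphrase) for one daemon start."""
    call = path = None
    reasons = []
    for line in log_lines:
        m = FAIL_RE.search(line)
        if m:
            call, path = m.groups()
        m = ERR_RE.search(line)
        if m:
            reasons.append(m.group(1))
    return call, path, reasons, any(r in PASSPHRASE_REASONS for r in reasons)

def pem_key_is_encrypted(pem_text):
    """True if a PEM private key is passphrase-protected (PKCS#8 or traditional form)."""
    if "-----BEGIN ENCRYPTED PRIVATE KEY-----" in pem_text:
        return True
    # Traditional form: RFC 1421 style headers follow the BEGIN line directly.
    return bool(re.search(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----\s+Proc-Type: 4,ENCRYPTED", pem_text))

# Log messages from the post above, syslog prefix trimmed.
P = "/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/pem/pem_lib.c"
SAMPLE_LOG = [
    "STARTTLS=server, error: SSL_CTX_use_PrivateKey_file(/etc/certs/myca.key) failed",
    "STARTTLS=server: 8618:error:0906D06C:PEM routines:PEM_read_bio:no start line:" + P + ":648:Expecting: X509 CRL",
    "STARTTLS=server: 8618:error:0906406D:PEM routines:PEM_def_callback:problems getting password:" + P + ":105:",
    "STARTTLS=server: 8618:error:0906A068:PEM routines:PEM_do_header:bad password read:" + P + ":406:",
    "STARTTLS=server: 8618:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:"
    "/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/ssl_rsa.c:669:",
]

# Constructed key files: real header layout, placeholder IV and body.
SAMPLE_KEY_ENCRYPTED = ("-----BEGIN DSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                        "DEK-Info: DES-EDE3-CBC,0123456789ABCDEF\n\nPLACEHOLDER\n"
                        "-----END DSA PRIVATE KEY-----\n")
SAMPLE_KEY_PLAIN = "-----BEGIN DSA PRIVATE KEY-----\nPLACEHOLDER\n-----END DSA PRIVATE KEY-----\n"

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
    print(pem_key_is_encrypted(SAMPLE_KEY_ENCRYPTED), pem_key_is_encrypted(SAMPLE_KEY_PLAIN))
```
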