Update: Problem solved
Solution: The old certificate was a SSL server certificate only. For TLS receiving/sending you need a certificate with SSL client and SSL server purposes.
Best regards,
Morten
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Alexander Dalloz Sent: Tuesday, September 21, 2010 9:55 AM To: CentOS mailing list Subject: Re: [CentOS] Sendmail TLS verify=fail
Am 21.09.2010 01:28, schrieb Morten P.D. Stevens:
Hi,
I have a small question with sendmail and tls verification.
The tls verify fails on our internal/external sendmail servers.
For example:
STARTTLS=server, relay=mx1.imt-systems.com [89.146.219.60],
version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
STARTTLS=server, relay=acsinet12.imt-systems.com [89.146.219.42],
version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
What's the problem?
That means the server side does not know the CA of the certificate presented by the client.
http://www.sendmail.org/m4/starttls.html
The sendmail tls certificate should be okay on both servers.
Does anyone know something about this issue? (verify=fail)
http://www.sendmail.org/m4/starttls.html
Nothing serious. Just a log note.
Thank you.
Best regards,
Morten
Alexander _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos