[CentOS] Sendmail TLS verify=fail

Tue Sep 21 07:55:01 UTC 2010
Alexander Dalloz <ad+lists at uni-x.org>

Am 21.09.2010 01:28, schrieb Morten P.D. Stevens:
> Hi,
> 
> I have a small question with sendmail and tls verification.
> 
> The tls verify fails on our internal/external sendmail servers.
> 
> For example:
> 
> STARTTLS=server, relay=mx1.imt-systems.com [89.146.219.60], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
> 
> STARTTLS=server, relay=acsinet12.imt-systems.com [89.146.219.42], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
> 
> What's the problem?

That means the server side does not know the CA of the certificate
presented by the client.

http://www.sendmail.org/m4/starttls.html

> The sendmail tls certificate should be okay on both servers.

> Does anyone know something about this issue? (verify=fail)

http://www.sendmail.org/m4/starttls.html

Nothing serious. Just a log note.

> Thank you.
> 
> Best regards,
> 
> Morten

Alexander