Prev: Smtp Mail Gateway
Next: Replicating email to a test box
From: Stacy Millions on 27 May 2010 00:29
I have what I thought were fairly straight forward requirements. I
wanted to force all connections to require authenticated TLS and then
only allow users with certs that I issued to relay mail.

I setup
confCACERT=
confCACERT_PATH=
confSERVER_CERT=
confSERVER_KEY=
confCLIENT_CERT=
confCLIENT_KEY=

and put the following in my access db
TLS_Clt: VERIFY
CERTIssuer:/C=... RELAY

So far so good, then I tried setting confCRL. The problem is that I have
three CAs, and each issues a CRL. I tried stacking all three CRLs in one
file, but only one of the CRLs would be loaded.

The attached patch causes all of the CRLs to load.

This hasn't received very much testing (about 15 minutes worth so far)
so it may cause your server to come down with dutch elm disease.

-stacy

 | 
Pages: 1
Prev: Smtp Mail Gateway
Next: Replicating email to a test box