Knowledgebase
Certificate Installation: Sendmail (MTA)
|
|
Sendmail can be configured to encrypt email via the secure socket layer (SSL) when you want to send and receives emails. 1) Open sendmail configuration file /etc/mail/sendmail.mc (although your distribution might keep it elsewhere) using text editor such as vi, emacs, nano with write access: # vi /etc/mail/sendmail.mc Now append/modify following directives: define(`confCACERT_PATH',`/etc/mail/ssl/certs') -- location to find certificates define(`confCACERT',`/etc/mail/ssl/ca-bundle.crt') -- Root Bundle file (Make sure you select your server software as Apache & mod_ssl) define(`confSERVER_CERT',`/etc/mail/ssl/sendmail.crt') -- Domain Certificate define(`confSERVER_KEY',`/etc/mail/ssl/sendmail.key') And make sure port is set to smtps (secure smtp i.e. port 465): DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl 2) Restart sendmail and secure pop3s/imaps (optional, use the following if using POP/IMAP) Type the following commands to restart sendmail and related services: # /etc/init.d/sendmail restart # chkconfig pop3s on # chkconfig imaps on # /etc/init.d/xinetd restart pop3s and imaps will start from xinetd Please note the following: * All certificates provided by Comodo are in PEM format. * .key file needs to have owner read/write permission for the owner, not group. * define(`confLOG_LEVEL', `14')dnl ## Will help with debugging. Can be commented out or put back to its default level of 9 when done. | |
|
Comments (0)