
Re: STARTTLS weirdness in sendmail 8.12.10-1



Hey,

On Fri, 2003-09-19 at 13:33, Marc-Christian Petersen wrote:
> On Friday 19 September 2003 17:59, Brian Rectanus wrote:
> 
> Hi Brian,
> 
> > I cannot get STARTTLS to work with the newest sendmail in unstable.  It
> > *always* complains that the key file is group readable!  Now, before you
> > scream RTFM, I did use GroupReadableKeyFile!
> 
> please copy "/usr/share/sendmail/examples/starttls.m4" to /etc/mail/tls and 
> execute 'sendmailconfig' after you copied the file over.
> 
> It's an updated file you have to use by now. You should have read the install 
> message by the sendmail update and the changelog too ;p
> You have to do the same with SASLv2 m4 if you use SASLv2.
> 

Yeah, I had done that (for tls and sasl).  It puts this in submit.cf:

O DontBlameSendmail=    ,GroupReadableKeyFile

I thought maybe that screwed things up starting with a comma, so (as I
wrote earlier) I just added a straight

define(`confDONT_BLAME_SENDMAIL', `GroupReadableKeyFile')

to give

O DontBlameSendmail=GroupReadableKeyFile

But *neither* works.  Both put GroupReadableKeyFile in submit.cf, and
seem to ignore it, giving me:

STARTTLS=server: file /etc/mail/tls/sendmail-common.key unsafe: Group
readable file

> > Anyone else see this?
> 
> yes, Solution above. Anyway, even after that, TLS does not work any longer. I 
> always get "verify=NOT" if I try to send mail with my other clients. 
> 8.12.9-latest from SID before 8.12.10-1 works fine.
> 
> --
> ciao, Marc

I have gone to using the stable version until a fixed version is in
unstable.

Thanks,
-Brian
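
An added example, not part of the original message or of the Debian sendmail package: a small POSIX shell audit that reports who besides the owner can read the TLS key and which .cf files actually carry GroupReadableKeyFile in their DontBlameSendmail line. It checks each file separately because submit.cf (the submission program) and sendmail.cf (the daemon) each have their own option line; the function names and the /etc/mail/*.cf paths in the usage comment are assumptions of this example.

```shell
#!/bin/sh
# Usage (paths other than the key are assumed, adjust to your install):
#   sh audit.sh /etc/mail/tls/sendmail-common.key /etc/mail/sendmail.cf /etc/mail/submit.cf

# Print "group", "other", "group other" or an empty line, depending on
# who besides the owner has read permission on FILE.
extra_readers() {
    [ -e "$1" ] || return 2
    perms=$(ls -ld "$1" | cut -c1-10)      # e.g. -rw-r-----
    out=""
    case $perms in ????r*) out="group" ;; esac
    case $perms in ???????r*) out="${out:+$out }other" ;; esac
    printf '%s\n' "$out"
}

# Print one DontBlameSendmail flag per line from a .cf file. Empty
# entries (as in "=    ,GroupReadableKeyFile") are dropped.
dont_blame_flags() {
    sed -n 's/^O[[:space:]]*DontBlameSendmail=//p' "$1" |
        tr ',' '\n' |
        sed 's/^[[:space:]]*//; s/[[:space:]]*$//; /^$/d'
}

# Succeed if FLAG appears in CF's DontBlameSendmail list.
# Case-insensitive comparison is a choice of this example.
has_flag() {
    dont_blame_flags "$1" | grep -qixF "$2"
}

# Report on one key file and any number of .cf files.
audit() {
    key=$1; shift
    readers=$(extra_readers "$key") || { echo "$key: not found"; return 2; }
    echo "$key: readable beyond owner by: ${readers:-nobody}"
    for cf in "$@"; do
        if has_flag "$cf" GroupReadableKeyFile; then
            echo "$cf: GroupReadableKeyFile set"
        else
            echo "$cf: GroupReadableKeyFile NOT set"
        fi
    done
}

if [ "$#" -gt 0 ]; then
    audit "$@"
fi
```

If the key shows no readers beyond the owner, no DontBlameSendmail relaxation is needed for it at all.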
