On Wed, Mar 12, 2003 at 01:57:19PM -0600, Rich Puhek wrote: > I recently added SASL and TLS support to my SMTP server. Looks to be > working great, with one exception. My certificate was generated with the > local hostname, instead of the proper FQDN (hostname was the common name > of the machine, I need a cert for "smtp", since that's how my users > connect). Result is that users configured for TLS get a warning that > hotnames don't match. > > I've started digging through the OpenSSL docs. Looks like all I need to > do is regenerate the certificate interactively, and specify the desired > hostname, overriding the default. Problem is, I'm not sure about any > other switches I'll need. > > Is there a "Debian-way" to do this nice and cleanly? Has anyone else run > into (and solved) the issue? I'm not sure of an exact answer, but there is a 'mksslcert' program in Debian...I can't seem to find which package it's from, right now, but http://packages.debian.org/ will be able to tell you. -- Rob Weir <rweir@ertius.org> http://ertius.org/
Attachment:
pgpyJH6qmID7l.pgp
Description: PGP signature