generate pem file for qpsmtpd+ssl 465
{ Posted on Dec 06 2008 by lucas }
If you want to use qpsmtpd in port 465 you have to use ssl. The easiest way to do it is following the qpsmtpd instructions: http://wiki.qpsmtpd.org/config:smtps. But you have to create a certificate.
This is the simpliest way to do it:
- Use your favorite app manager for your linux distro. Install stunnel.
- cd /etc/ssl (in debian) and generate pem file.
- $openssl req -new -x509 -days 3650 -nodes -config openssl.cnf -out stunnel.pem -keyout stunnel.pem
- You have to fill in the next questions: Country Name, State or Province Name, Locality Name, Organization Name, Organizational Unit Name, Common Name and Email Address.
- After this step you will have a stunnel.pem file.
- $openssl gendh 512 >> stunnel.pem
- This generates Diffie-Hellman parameters, and appends them to the pem file.
- To check the process and verify the certificate is ok, type: “openssl x509 -subject -dates -fingerprint -in stunnel.pem” and check the information.
After having generate the pem file, follow the instructions and you will have qpsmtpd runing in 465 port properly.
Remember the stunnel version is 3 or the wrapper for version 3 built in version 4.