The following lists a few resources that provide additional guidance to certificate
creation and management:
http://www.sendmail.org/~gshapiro/security.pdf
A brief tutorial that describes sendmail security in general, and provides examples
of certificate creation.
http://www.openssl.org/docs/
Online documentation for openssl(8) and its various applications and
commands.
Network Security with OpenSSL
By John Viega, Matt Messier, and Pravir Chandra (O??™Reilly). Provides a full
description of OpenSSL, including how to create certificates and how to sign
them.
This is the Title of the Book, eMatter Edition
Copyright ?© 2007 O??™Reilly & Associates, Inc. All rights reserved.
5.3 STARTTLS | 211
SSL and TLS: Designing and Building Secure Systems
By Eric Rescorla (Addison Wesley Professional). A higher-level book that covers
the protocols of SSL and TLS Internet security.
5.3.5 Add STARTTLS Support to Your mc File
After you have built sendmail withSTARTTLS support (?§5.3.3 on page 205), and
after you have created certificates for use with sendmail, you must set up your configuration
file to use STARTTLS. There are eight mc configuration file macros that you
can use to do this. Based on what we have shown in the previous sections, one way
to define them might look like this:
define(`CERT_DIR??, `/etc/mail/CA??)
define(`confCACERT_PATH??, CERT_DIR)
define(`confCACERT??, CERT_DIR`/cacert.
Pages:
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402