If the system considers something to be wrong with the SSL certificates that you want to upload (at 'SMTP | TLS Certificates | Upload New Certificates'), it will reject the upload (without any warning or information). This article describes how the certificates can be manually uploaded.
Resolving the problem
- Make sure the certificates are in PEM format (if not, you may convert the certificate with openssl x509 -inform der -in MY_CERT.cer -out MY_CERT.pem)
- Put the certificate and the private key as server.key and server.cert to /etc/xmail/
- Open /etc/xmail/server.tab and set "EnableSMTP-TLS" from "0" to "1" (if it is not already set)
You may test the TLS connection and if the certificate can be properly verified with the following command:
openssl s_client -starttls smtp -crlf -connect 127.0.0.1:25 -CAfile /etc/apache2/ssl.crt/ca-bundle.crt
If the above information does not resolve your issue, please contact IBM Security Systems Customer Support.
|Security||Lotus Protector for Mail Security||Platform Independent||2.8||All Editions|