Manually Uploading SSL Certificates for TLS

Technote (troubleshooting)


Problem

If the system considers something to be wrong with the SSL certificates that you want to upload (at 'SMTP | TLS Certificates | Upload New Certificates'), it will reject the upload (without any warning or information). This article describes how the certificates can be manually uploaded.

Resolving the problem

- Make sure the certificates are in PEM format (if not, you may convert the certificate with openssl x509 -inform der -in MY_CERT.cer -out MY_CERT.pem)
- Put the certificate and the private key as server.key and server.cert to /etc/xmail/
- Open /etc/xmail/server.tab and set "EnableSMTP-TLS" from "0" to "1" (if it is not already set)

You may test the TLS connection and if the certificate can be properly verified with the following command:
openssl s_client -starttls smtp -crlf -connect 127.0.0.1:25 -CAfile /etc/apache2/ssl.crt/ca-bundle.crt


If the above information does not resolve your issue, please contact IBM Security Systems Customer Support.

Cross reference information
Segment Product Component Platform Version Edition
Security Lotus Protector for Mail Security Platform Independent 2.8 All Editions

Rate this page:

(0 users)Average rating

Document information


More support for:

Lotus Protector for Mail Security

Software version:

2.8

Operating system(s):

Platform Independent

Software edition:

All Editions

Reference #:

1578722

Modified date:

2012-01-19

Translate my page

Machine Translation

Content navigation