IBM Support

Manually Uploading SSL Certificates for TLS

Technote (troubleshooting)


If the system considers something to be wrong with the SSL certificates that you want to upload (at 'SMTP | TLS Certificates | Upload New Certificates'), it will reject the upload (without any warning or information). This article describes how the certificates can be manually uploaded.

Resolving the problem

- Make sure the certificates are in PEM format (if not, you may convert the certificate with openssl x509 -inform der -in MY_CERT.cer -out MY_CERT.pem)
- Put the certificate and the private key as server.key and server.cert to /etc/xmail/
- Open /etc/xmail/ and set "EnableSMTP-TLS" from "0" to "1" (if it is not already set)

You may test the TLS connection and if the certificate can be properly verified with the following command:
openssl s_client -starttls smtp -crlf -connect -CAfile /etc/apache2/ssl.crt/ca-bundle.crt

If the above information does not resolve your issue, please contact IBM Security Systems Customer Support.

Cross reference information
Segment Product Component Platform Version Edition
Security Lotus Protector for Mail Security Platform Independent 2.8 All Editions

Document information

More support for: Lotus Protector for Mail Security

Software version: 2.8

Operating system(s): Platform Independent

Software edition: All Editions

Reference #: 1578722

Modified date: 19 January 2012

Translate this page: