I'm attmpting to enable STARTTLS in sendmail. According to the documentation I have found Creating a CA and uncommenting some lines in sendmail.cf seem to be all that is needed. After trying (and failing) with Sendmail-8.11.0-8 (Current RH7 RPM) I found bug ID 19534 which discusses building sendmail with AUTH and STARTTLS. The notes indicate 'The current rpm should be ok' however no indication of what 'current' is was made. I installed the latest sendmail RPM (from rawhide as listed below) and have had no further luck with it. Reproducible: Always Steps to Reproduce: Place this in your sendmail.cf file after generating the appropriate files with openssl and restart. (Note: The directives below already exist, sans parameters, only commented out) # CA directory O CACERTPath /usr/share/ssl/certs/ # CA file #O CACERTFile # Server Cert O ServerCertFile /usr/share/ssl/certs/sendmail.pem # Server private key O ServerKeyFile /usr/share/ssl/certs/sendmail.pem # Client Cert O ClientCertFile /usr/share/ssl/certs/sendmail.pem # Client private key O ClientKeyFile /usr/share/ssl/certs/sendmail.pem # DHParameters (only required if DSA/DH is used) #O DHParameters # Random data source (required for systems without /dev/urandom under OpenSSL) #O RandFile Actual Results: [root@maximus /etc]# init.d/sendmail start Starting sendmail: 554 5.0.0 /etc/sendmail.cf: line 477: readcf: unknown option name CACERTPath /usr/share/ssl/certs/ 554 5.0.0 /etc/sendmail.cf: line 481: readcf: unknown option name ServerCertFile /usr/share/ssl/certs/sendmail 554 5.0.0 /etc/sendmail.cf: line 483: readcf: unknown option name ServerKeyFile /usr/share/ssl/certs/sendmail 554 5.0.0 /etc/sendmail.cf: line 485: readcf: unknown option name ClientCertFile /usr/share/ssl/certs/sendmail 554 5.0.0 /etc/sendmail.cf: line 487: readcf: unknown option name ClientKeyFile /usr/share/ssl/certs/sendmail [FAILED] Installed RPMs: sendmail-cf-8.11.2-9 sendmail-doc-8.11.2-9 sendmail-8.11.2-9 openssl-0.9.5a-14 openssl-devel-0.9.5a-14
Newer rpms should work fine with this. Thanks, Florian La Roche