Operation timed out with smtp.gmail.com - please help
Jerry
jerry at seibercom.net
Sat Mar 30 11:56:26 UTC 2013
On Sat, 30 Mar 2013 10:49:45 +0000
Matthew Seaman articulated:
> Given you're seeing that CONNECTED message there, it certainly does.
> The problem with that openssl command seems to be the 'unable to get
> local issuer certificate' part. That's possibly openssl being pickier
> about verifying certs than sendmail would be, but that certificate
> verification step is probably where you're coming adrift. You need to
> have the intermediate certs used by Google in your cacert.pem file, so
> sendmail will trust the smtp.gmail.com cert. Check the 'confCACERT'
> setting in your sendmail.mc. I have a block of code like this:
>
> define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
> define(`confCACERT_PATH', `CERT_DIR')dnl
> define(`confCACERT', `CERT_DIR/cacert.pem')dnl
> define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
> define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl
> define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl
> define(`confCLIENT_KEY', `CERT_DIR/key.pem')dnl
>
> which allows me to put all the keys and certs in /etc/mail/certs/
If you really need the Gmail certs, you can use this to get them:
openssl s_client -connect smtp.gmail.com:587 -starttls smtp -showcerts
If you feel you really need the "Equifax Secure Certificate Authority"
pem, go here <http://www.geotrust.com/resources/root-certificates/> and
download it.
Again, how to set up Sendmail is a task I leave for the student.
--
Jerry ♔
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20130330/7c5c0cbb/attachment.sig>
More information about the freebsd-questions
mailing list