Operation timed out with smtp.gmail.com - please help
jerry at seibercom.net
Sat Mar 30 11:56:26 UTC 2013
On Sat, 30 Mar 2013 10:49:45 +0000
Matthew Seaman articulated:
> Given you're seeing that CONNECTED message there, it certainly does.
> The problem with that openssl command seems to be the 'unable to get
> local issuer certificate' part. That's possibly openssl being pickier
> about verifying certs than sendmail would be, but that certificate
> verification step is probably where you're coming adrift. You need to
> have the intermediate certs used by Google in your cacert.pem file, so
> sendmail will trust the smtp.gmail.com cert. Check the 'confCACERT'
> setting in your sendmail.mc. I have a block of code like this:
> define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
> define(`confCACERT_PATH', `CERT_DIR')dnl
> define(`confCACERT', `CERT_DIR/cacert.pem')dnl
> define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
> define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl
> define(`confCLIENT_CERT', `CERT_DIR/cert.pem')dnl
> define(`confCLIENT_KEY', `CERT_DIR/key.pem')dnl
> which allows me to put all the keys and certs in /etc/mail/certs/
If you really need the Gmail certs, you can use this to get them:
openssl s_client -connect smtp.gmail.com:587 -starttls smtp -showcerts
If you feel you really need the "Equifax Secure Certificate Authority"
pem, go here <http://www.geotrust.com/resources/root-certificates/> and
Again, how to set up Sendmail is a task I leave for the student.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: not available
More information about the freebsd-questions