You are not logged in.
Was quite frustrated over openssl. With
openssl s_client -connect smtp.gmail.com:587 -starttls smtp
I always get a failure: Verify return code: 21 (unable to verify the first certificate)
But with
openssl s_client -connect smtp.gmail.com:587 -starttls smtp -CAfile /etc/ssl/cacert.pem
authentication passes. In my openssl.cnf, I have:
dir = /etc/ssl # Where everything is kept
certs = $dir/certs # Where the issued certs are kept
crl_dir = $dir/crl # Where the issued crl are kept
database = $dir/index.txt # database index file.
#unique_subject = no # Set to 'no' to allow creation of
# several ctificates with same subject.
new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
I have made a link to my CA file ( /etc/ssl/cacert.pem ) under ~/.authenticate. It did not help.
Will really appreciate some help here
Offline
Without -CAfile option, openssl s_client should try to locate the default CA.
My real problem is not being able to use esmtp to connect over SSL...
Offline