Re: DCM cert for Apache settings

On Thu, Mar 9, 2017 at 12:07 PM, Nathan Andelin <nandelin@xxxxxxxxx> wrote:

Yes.

The client side rarely uses an SSL certificate, especially in cases like
using an SMTP server/relay. SSL or TLS doesn't matter either. TLS is
just SSL but starting the SSL handshake later in the communications.

The only time I've personally seen a client side certificate used is with
web services when the server requires the use of a client side SSL
certificate.

Apparently your understanding and mine differ. That's okay, I'll test what
you're saying. My understanding is that the client certificate is used to
encrypt the transmission, and that without the key, the mail-relay would
not know how to decipher it.

That's pretty obvious throughout this thread.

In no way should a client sending mail need a client side certificate.
But send me a link to the docs that state that if you find it.

You can "require TLS" for your mail relay with google, but that's on the
server side, optional, and using the gmail relay is really just a
workaround (ie quick bandaid) for using the proper mail router for your
organization when your email client can't handle authentication and/or
SSL/TLS.

Bradley V. Stone
www.bvstools.com
Native IBM i e-Mail solutions for Microsoft Office 365, Gmail, or any Cloud
Provider!