× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 2017

Re: DCM cert for Apache settings


No, it doesn't need to present a certificate. That would be absurd for
everyone that needed to use this relay to have to generate a client
certificate or figure out how to make something like a printer or scanner
present a certificate.


I agree that "present" is not the right term. Somehow this discussion
detoured into "client certificates" and how they might be used for
authentication. I didn't have anything to do with that.

What I did assert, was that it is common to use self-signed certificates
for TLS in mail-relay and web services. Google's mail relay is an example
of that.

As far as mechanics is concerned, a self-signed certificate may be
"assigned" to the IBM i SMTP Client. Without an "assigned" certificate,
Google will reject the TLS conversation.


When you set up the gmail relay to use TLS, that means the client should
expect to use a TLS connection and trust the certificate presented by the
server.


That's right. In addition to assigning a self-signed certificate to the
SMTP Client, you must also configure a "trust list", consisting of the
certificates presented by the server. Both steps are necessary.

BTW, how are you sending user/pw to this relay? I bet you're not.


You bet I'm not sending User+PW to the relay? You didn't read my last
message.

The User+Password is configured using the ADDSMTPLE TYPE(*HOSTAUTH)
command. And Yes, smtp-relay.gmail.com requires it for TLS.

Your elaborations about the IBM i SMTP Client not supporting that are not
worth responding to.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.