HP-UX Mailing Services Administrator's Guide
Sendmail 8.13.3
New Features in Sendmail 8.13.3
Chapter 3
Support for Secured Mail Transaction using STARTTLS
STARTTLS is the SMTP command to "Start Transport Layer Security",
or in other words, to turn on Secure Socket Layer (SSL). Transport Layer
Security (TLS) provides authentication (identification), privacy,
confidentiality, and integrity for securing a mail transaction. TLS uses
different STARTTLS algorithms for encryption, signing, and message
authentication.
The STARTTLS configuration uses the following variables:
UseTLS
    Enables the TLS handshake in the SMTP transaction. You can set
    this variable to either True or False. Following is the option
    in the sendmail.cf file:

    # O UseTLS=False

CERT_DIR
    Specifies the directory for storing Sendmail certificates.
    Following is the option in the sendmail.cf file:

    # CA directory
    O CACertPath=/etc/mail/certs/

CACERT_PATH
    Specifies the path that stores the certificates of all the
    Certificate Authorities known to the Sendmail server.

CACERT
    Specifies the file containing the certificate of the Certificate
    Authority that issued the certificate of the Sendmail server.

SERVER_CERT and CLIENT_CERT
    Refer to the server and client certificates. These variables
    indicate that the certificate of the server is used both when
    acting as a server and when acting as a client. Following is the
    option in the sendmail.cf file:

    # Server Cert
    O ServerCertFile=/etc/mail/certs/oldcert.pem
    # Client Cert
    O ClientCertFile=/etc/mail/certs/oldcert.pem
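
An added example (not part of the HP guide): a shell function that reports whether each sendmail.cf option named in this section is set, commented out, missing, or written without the space sendmail requires between O and a long option name. The sample input is constructed, and the names audit_tls_options and sample_cf are hypothetical.

```shell
#!/bin/sh
# Added example, not HP or sendmail.org code.

# Constructed sample: the option lines from this section, with one line
# deliberately written without the space after O.
sample_cf() {
cat <<'EOF'
# O UseTLS=False
# CA directory
O CACertPath=/etc/mail/certs/
# Server Cert
OServerCertFile=/etc/mail/certs/oldcert.pem
# Client Cert
O ClientCertFile=/etc/mail/certs/oldcert.pem
EOF
}

# Report each STARTTLS option as set, commented-out, malformed or missing.
# Reads the files named as arguments, or standard input when none are given.
audit_tls_options() {
    awk '
    BEGIN {
        n = split("UseTLS CACertPath ServerCertFile ClientCertFile", want, " ")
        for (i = 1; i <= n; i++) state[want[i]] = "missing"
    }
    {
        line = $0; commented = 0
        # A commented option line such as "# O UseTLS=False" is inactive.
        if (line ~ /^#[ \t]*O/) { commented = 1; sub(/^#[ \t]*/, "", line) }
        if (line !~ /^O/) next
        # sendmail requires a space between O and a long option name.
        nospace = (line !~ /^O[ \t]/)
        sub(/^O[ \t]*/, "", line)
        eq = index(line, "=")
        if (eq == 0) next
        name = substr(line, 1, eq - 1); value = substr(line, eq + 1)
        if (!(name in state)) next
        if (commented) {
            # A commented copy never hides an active setting.
            if (state[name] == "missing") state[name] = "commented-out (" value ")"
        } else if (nospace) {
            state[name] = "malformed, no space after O (" value ")"
        } else {
            state[name] = "set (" value ")"
        }
    }
    END { for (i = 1; i <= n; i++) printf "%s: %s\n", want[i], state[want[i]] }
    ' "$@"
}

# Demo on the constructed sample; pass the path of a real sendmail.cf instead.
sample_cf | audit_tls_options
```

A UseTLS line reported as commented-out or missing means the TLS handshake setting is not active in that file, whatever the certificate options say.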