Highly Available HP-UX Internet Services (May 2008)

HP ServiceGuard Setup for LDAP-Enabled Sendmail

If the Lightweight Directory Access Protocol (LDAP) is enabled in Sendmail, ensure

that the LDAP server configured with Sendmail is accessible by all the HP ServiceGuard

nodes. The LDAP server specification is available in the LDAPDefaultSpec

configuration file option in the /etc/mail/sendmail.cf file.

HP ServiceGuard Setup for STARTTLS-Enabled Sendmail

If STARTTLS is enabled in Sendmail, ensure that following Sendmail configuration

options are configured with the files (/var/opt/sendmail/certs) in the shared

volume:

# CA directory

#O CACertPath

# CA file

#O CACertFile

# Server Cert

#O ServerCertFile

# Server private key

#O ServerKeyFile

# Client Cert

#O ClientCertFile

# Client private key

#O ClientKeyFile

# File containing certificate revocation lists

#O CRLFile

The /var/opt/sendmail/certs file must contain the permissions 755.

Ensure that the KRNG11i strong random number generator and the OpenSSL software

are installed on all the nodes in the cluster so that the random source file configured

using the O RandFile option is available on the all the nodes in the MC/ServiceGuard

cluster and OpenSSL is available on all the configured nodes, respectively.

HP ServiceGuard Setup for SASL AUTH-Enabled Sendmail

If Simple Authentication and Security Layer (SASL) AUTH is enabled in Sendmail,

complete the following steps:

1. To provide a symbolic link from the /usr/lib/sasl2/sendmail.conf file to

the /var/opt/sendmail/sendmail.conf file, enter the following command:

# ln –s /var/opt/sendmail/Sendmail.conf /usr/lib/sasl2/Sendmail.conf

NOTE: Ensure that the Sendmail AUTH configuration file (sendmail.conf) is

under the /var/opt/sendmail directory.

2. Copy the /etc/sasldb2 file to the /var/opt/sendmail directory.

Configuring Sendmail with HP ServiceGuard 15