[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)

To: msmtp-users@lists.sourceforge.net
Subject: Re: [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)
From: Martin Lambers <marlam@...23...>
Date: Tue, 2 Feb 2010 19:25:45 +0100
In-reply-to: <20100202171834.GG3750@...214...>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=msmtp-users>
List-help: <mailto:msmtp-users-request@lists.sourceforge.net?subject=help>
List-id: "General discussion, questions & answers" <msmtp-users.lists.sourceforge.net>
List-post: <mailto:msmtp-users@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/msmtp-users>, <mailto:msmtp-users-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/msmtp-users>, <mailto:msmtp-users-request@lists.sourceforge.net?subject=unsubscribe>
Mail-followup-to: msmtp-users@lists.sourceforge.net
Openpgp: id=15BC348B; url=http://www.marlam.de/key.txt
References: <20100202171834.GG3750@...214...>
User-agent: Mutt/1.5.18 (2008-05-17)

Hello Marcus!

On Tue, 02. Feb 2010, 18:18:34 +0100, Marcus C. Gottwald wrote:
> How can I make "msmtp" (version 1.4.19, Debian testing) trust
> a specific certificate? The certificate issuer is not known,
> I don't trust him, and I don't have a way to get hold of the
> certificate used to sign the one I'd like to trust.

There is currently no way to do that because there never was a need for
it.

The reason is that this situation does not match the TLS/SSL certificate
trust model. If the certificate issuer is not known and you do not trust
him, how can you trust a certificate he issued?

Nevertheless, one could add a 'tls_fingerprint' command that makes msmtp
trust one particular certificate, as an alternative to 'tls_trust_file'.
I guess this is how you tell other software packages to trust the
certificate, right?

Martin

Follow-Ups:
- Re: [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)
  - From: "Marcus C. Gottwald" <mcg@...213...>

References:
- [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)
  - From: "Marcus C. Gottwald" <mcg@...213...>

Prev by Date: [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)
Next by Date: Re: [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)
Previous by thread: [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)
Next by thread: Re: [msmtp-users] How to make msmtp trust a specific certificate (not a CA certificate, not a self-signed one)
Index(es):
- Date
- Thread