Hi All, I was wondering if anyone has ever run into this problem. It looks like I have everything setup properly. I followed a howto that I believe was written by falko for fedora 12 postfix courier-imap amavisd spamassasin. I started by trying to use a self signed cert but obviously outlook 2007 and other email clients complained about not being able to trust the certificate. So I looked into buying a rapidssl certificate. Apparently I can use a rapidssl certificate for postifx BUT now outlook 2007 tells me "All of the intended purposes of this certificate could not be verified" has anyone ever seen this error? I have been trying to get this cert issues resolved for a week now and its drivingme crazy ! I just want to be able to put this new email server into production without having to worry about my customer's getting annoying error messages in their email clients. if anyone can help me with this it would be grately apreciated!!!!
I spent all day talking with a support rep from rapidssl last week and he basically told me that the certs they send out all have the 4 keys identified. I was trying to explain to the cupport guy that to me it really seemed like the cert contained more key usages than I needed and that I just wanted to have a cert that only contains the ones I needed. He told me all rapidssl certs are signed by the root with all 4 keys... I guess I should try calling them this time? Can you tell me which of the 4 keys the cert should contain? Also, do I need to specify which key usages I would like the cert to contain when i create the CSR file? If so how do I do this? is it through the openssl.cnf file ? Anyone that can help please by all means helppppppppp!
Well the rapidssl tech is sending an issue to their engineers to try to have a certificate issued to me that will only have Digital Signature, Non-Repudiation key usage specified. I sure hope they can issue me a cert with just the keys that a re required.