Mailing List CGatePro@mail.stalker.com Message #102592
From: Urs Grützner <ugruetzner@ems.ch>
Subject: Re: SSL and self signed certificates
Date: Wed, 26 Oct 2011 16:26:49 +0200
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: Apple Mail (2.936)
Thanks Tom for your help


 @1) how do I make the SSL  setup for hosts and clients independently? When I click the option SSL in SMTP listener Port 587, then hosts try to use SSL and I run into that problem


@2) Its not the matter of an absolute budget, just a question of benefit.  Even if the conection between two host are safe, the leak can be in the connection to the next client. What then?

May be my consideration is stupid, then I am happy to learn.

If a trusted cert makes sense also for us, what authority to use is recommended?

Thanks


Urs



From:
Tom Rymes <trymes@rymes.com>
Subject:
Re: SSL and self signed certificates
Date:
Wed, 26 Oct 2011 08:31:40 -0400
To:
CommuniGate Pro Discussions <CGatePro@mail.stalker.com>



On 10/26/2011 3:03 AM, Urs Grützner wrote:

An authorized certificate is expensive and is due every year, but what
are self signed certificates worth for?

<snip>

How do other treat this problem? Dou you use self signed certificates?
Do you use SSL?

I would suggest the following:

1.) If you are running a self-signed cert, do not use SSL to connect to other hosts. Only use SSL for connections to clients.

2.) If you do not have sufficient budget to cover the costs of an SSL certificate, then perhaps you should not be running your own server. Use a service such as Google's hosted e-mail or something provided by your ISP.

My $0.02,

Tom

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster