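I bought an Alibaba Cloud ECS instance to set up Nagios monitoring with email alerts, and found that port 25 was blocked. My request to have it opened was also rejected, so the only option was to bypass port 25 and send mail over SSL on port 465.
The steps are as follows:

First, fetch the mail server's certificate

[root@PLAY ~]# mkdir -p /root/.certs/                           #### create a directory to hold the certificates
[root@PLAY ~]# echo -n | openssl s_client -connect smtp.126.com:465 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/126.crt #### save the certificate presented by smtp.126.com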

depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = GeoTrust RSA CA 2018
verify return:1
depth=0 C = CN, L = Hangzhou, O = "NetEase (Hangzhou) Network Co., Ltd", OU = Mail Dept., CN = *.126.com
verify return:1
DONE

[root@PLAY ~]# certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/126.crt                  #### add a certificate to the certificate database
[root@PLAY ~]# certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/126.crt               #### add a certificate to the certificate database
[root@PLAY ~]# certutil -L -d /root/.certs                                                                #### list the certificates in the database

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

GeoTrust SSL CA                                              C,,

Next, log in to 126 Mail, enable SMTP and obtain a client authorization code

    At the top of the page: Settings → POP3/SMTP/IMAP

    On the left side of the page: Client authorization password

Finally, configure /etc/mail.rc

set bsdcompat

set from=test_wly@126.com
set smtp=smtps://smtp.126.com:465
set smtp-auth-user=test_wly@126.com
set smtp-auth-password=*********
set smtp-auth=login
set ssl-verify=ignore
set nss-config-dir=/root/.certs

Now send a test email

echo "test mail" | mail -s "nagios report" test_wly@126.com

The message that was just sent now arrives in the test_wly@126.com inbox

 

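It looks like it worked, but an error is still reported after the mail is sent: the certificate is not trusted. The command line also hangs at this point, and a key has to be pressed before the prompt comes back.

 Error in certificate: Peer's certificate issuer is not recognized.

So: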

[root@PLAY ~]# cd /root/.certs/
[root@PLAY .certs]# ll
total 80
-rw-r--r-- 1 root root 1793 Jul 6 14:36 126.crt
-rw------- 1 root root 65536 Jul 6 14:37 cert8.db
-rw------- 1 root root 16384 Jul 6 14:37 key3.db
-rw------- 1 root root 16384 Jul 6 14:37 secmod.db
[root@PLAY .certs]# certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu" -d ./ -i 126.crt 
Notice: Trust flag u is set automatically if the private key is present.

Problem solved
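
The sed pipeline above saves only the server's own certificate, so the final certutil step with "Pu,Pu,Pu" pins that single certificate as a trusted peer instead of trusting its issuer. The script below is an added example, not part of the original post: it captures the whole chain with -showcerts, splits it, and imports the CA certificates the server sends with "C,," trust; the function names and the sample bundle are constructed.

```bash
#!/bin/sh
# Added example, not from the original post. Function names and the sample
# bundle in demo_split are constructed for illustration.
# On the host from the post (assumed paths):
#   fetch_chain smtp.126.com:465 /root/.certs/chain.txt
#   split_chain /root/.certs/chain.txt /root/.certs && import_cas /root/.certs /root/.certs

# split_chain BUNDLE OUTDIR: write each PEM certificate found in BUNDLE to
# OUTDIR/cert-N.pem and print how many were found. N=0 is the server (leaf)
# certificate, because a TLS server sends its own certificate first.
split_chain() {
    awk -v dir="$2" '
        /-----BEGIN CERTIFICATE-----/ { out = sprintf("%s/cert-%d.pem", dir, n); inside = 1 }
        inside                        { print > out }
        /-----END CERTIFICATE-----/   { if (inside) { close(out); n++ }; inside = 0 }
        END                           { print n + 0 }
    ' "$1"
}

# fetch_chain HOST:PORT BUNDLE: needs network access. -showcerts makes
# s_client print every certificate the server sends, not only the leaf.
fetch_chain() {
    openssl s_client -showcerts -connect "$1" </dev/null 2>/dev/null >"$2"
}

# import_cas OUTDIR NSSDB: print subject, issuer and SHA-256 fingerprint of
# each non-leaf certificate for review, then add it as a trusted SSL CA.
import_cas() {
    for f in "$1"/cert-*.pem; do
        [ "$f" = "$1/cert-0.pem" ] && continue
        openssl x509 -in "$f" -noout -subject -issuer -fingerprint -sha256
        certutil -A -n "$(basename "$f" .pem)" -t "C,," -d "$2" -i "$f"
    done
}

# demo_split: offline check of split_chain on a constructed bundle
# (placeholder base64, not real certificates). Prints the work directory.
demo_split() {
    d=$(mktemp -d)
    printf '%s\n' 'CONNECTED(00000003)' ' 0 s:CN = leaf.example' \
        '-----BEGIN CERTIFICATE-----' 'TEVBRg==' '-----END CERTIFICATE-----' \
        ' 1 s:CN = Example Intermediate CA' \
        '-----BEGIN CERTIFICATE-----' 'SU5URVJNRURJQVRF' '-----END CERTIFICATE-----' \
        '---' >"$d/bundle.txt"
    split_chain "$d/bundle.txt" "$d" >"$d/count"
    echo "$d"
}
```

Compare the printed fingerprints with a trusted source before importing. Once the issuer is trusted, set ssl-verify=strict in /etc/mail.rc makes mailx close the connection on a certificate error instead of continuing.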