通过 telnet 进行 SMTP STARTTLS 证书协商 [英] SMTP STARTTLS certificate negotitiation via telnet

问题描述

我正在尝试在 sendmail 中启动 tls，但我不知道如何使用证书.请给我建议

I am trying to start tls in sendmail, but I do not know how to use certificate. Please suggest me way

> telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 <machinename> ESMTP Sendmail <version>; <date>;localhost(OK)-localhost [127.0.0.1]
EHLO localhost
250-<mahinename> Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5
250-STARTTLS
250-DELIVERBY
250 HELP
STARTTLS
220 2.0.0 Ready to start TLS

我应该何时以及如何使用/提供证书?

When and How should I use/provide the certificate?

推荐答案

你不能，因为一旦你开始使用 TLS，对话就会被加密，而你可能不会说那种语言 ;)

You can't, because as soon as you start using TLS, the conversation becomes encrypted, and you probably don't speak that language ;)

您可以这样做:

openssl s_client -debug -starttls smtp -crlf -connect localhost:25

OpenSSL 将为您执行 STARTTLS 握手，您将能够从那里接听对话(即时自动解密).

OpenSSL will do the STARTTLS handshake for you and you will be able to pick up the conversation from there (decrypted automatically on the fly).

这篇关于通过 telnet 进行 SMTP STARTTLS 证书协商的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！