Skip to main content
Participating Frequently
November 29, 2018
Question

Use certificate based TLS auth when sending mail?

  • November 29, 2018
  • 1 reply
  • 338 views

CF 11,0,15,311399 on RedHat Linux 7.6 x86-64

I'm trying to send email using cfmail() and our local smtp server prefers the use of X509 certifcates for authentication and TLS rather than the more usual username/password mechanism.  Is this possible is CF11?

I see stuff about keystore, keyalias, etc but that seems more for digitally signing the email.  And stuff about recipientcert and encrypt seems more about encrypting the actual body of the email being sent using the recipient's public key./certificate.

Thanks,

PH

    This topic has been closed for replies.

    1 reply

    Community Expert
    December 2, 2018

    I've never done anything with TLS client authentication with SMTP in CF or elsewhere. I would try adding the client certificates to the Java keystore and see if that works, even though it's kind of grouped with mail signing in the CF Administrator. I don't think you should even have to enter the keystore and keystore password if you're using the default Java keystore, but you'll probably have to enter the alias to get the right client certificate.

    If none of that works, you could use the time-honored workaround of setting up your own SMTP server locally, and use CF to talk to that instead.

    Dave Watts, Fig Leaf Software

    Dave Watts, Eidolon LLC