Use certificate based TLS auth when sending mail?

Question

CF 11,0,15,311399 on RedHat Linux 7.6 x86-64

I'm trying to send email using cfmail() and our local smtp server prefers the use of X509 certifcates for authentication and TLS rather than the more usual username/password mechanism. Is this possible is CF11?

I see stuff about keystore, keyalias, etc but that seems more for digitally signing the email. And stuff about recipientcert and encrypt seems more about encrypting the actual body of the email being sent using the recipient's public key./certificate.

Thanks,

PH

Dave Watts · Answer

I've never done anything with TLS client authentication with SMTP in CF or elsewhere. I would try adding the client certificates to the Java keystore and see if that works, even though it's kind of grouped with mail signing in the CF Administrator. I don't think you should even have to enter the keystore and keystore password if you're using the default Java keystore, but you'll probably have to enter the alias to get the right client certificate.

If none of that works, you could use the time-honored workaround of setting up your own SMTP server locally, and use CF to talk to that instead.

Dave Watts, Fig Leaf Software

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded