Highlighted

Use certificate based TLS auth when sending mail?

New Here ,
Nov 29, 2018

Copy link to clipboard

Copied

CF 11,0,15,311399 on RedHat Linux 7.6 x86-64

I'm trying to send email using cfmail() and our local smtp server prefers the use of X509 certifcates for authentication and TLS rather than the more usual username/password mechanism.  Is this possible is CF11?

I see stuff about keystore, keyalias, etc but that seems more for digitally signing the email.  And stuff about recipientcert and encrypt seems more about encrypting the actual body of the email being sent using the recipient's public key./certificate.

Thanks,

PH

Views

177

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Use certificate based TLS auth when sending mail?

New Here ,
Nov 29, 2018

Copy link to clipboard

Copied

CF 11,0,15,311399 on RedHat Linux 7.6 x86-64

I'm trying to send email using cfmail() and our local smtp server prefers the use of X509 certifcates for authentication and TLS rather than the more usual username/password mechanism.  Is this possible is CF11?

I see stuff about keystore, keyalias, etc but that seems more for digitally signing the email.  And stuff about recipientcert and encrypt seems more about encrypting the actual body of the email being sent using the recipient's public key./certificate.

Thanks,

PH

Views

178

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Nov 29, 2018 0
Adobe Community Professional ,
Dec 02, 2018

Copy link to clipboard

Copied

I've never done anything with TLS client authentication with SMTP in CF or elsewhere. I would try adding the client certificates to the Java keystore and see if that works, even though it's kind of grouped with mail signing in the CF Administrator. I don't think you should even have to enter the keystore and keystore password if you're using the default Java keystore, but you'll probably have to enter the alias to get the right client certificate.

If none of that works, you could use the time-honored workaround of setting up your own SMTP server locally, and use CF to talk to that instead.

Dave Watts, Fig Leaf Software

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Dec 02, 2018 0