-----------------------------------------------------       2002.05.27
 ȏɂJؖƔ閧(private key)̍쐬菇
-----------------------------------------------------
-------------------------------------------------------------------
CERTIFICATE.BATsAKv͂΁uJؖvƁu閧v쐬܂B
iȉ菇j
-------------------------------------------------------------------
1. Oł̔F؋ǁiCAj̍쐬@
   note) K̔F؋ǂɌJؖ𔭍sĂ炤ꍇ́AKvȂB
2. u閧v̍쐬Ɓuo^\v̍쐬
3. F؋ǁiCAjɂďuJؖv𔭍s
   note) K̔F؋ǂɌJؖ𔭍sĂ炤ꍇ́Auo^\v
         F؋ǂɑtāuJؖv𔭍sĂ炤
   --------------------------------------------------
4.uJؖvƁu閧v"SPA-Pro Mail Server"ɐݒ肷B
5.NCAg|T[o[ԂłSMTP over SSLpIPAhX/|[g̎w
6.NCAg|T[o[ԂłPOP3 over SSLpIPAhX/|[g̎w
7.T[o[|T[o[ԂłSMTP over SSLpIPAhX/|[g̎w
-------------------------------------------------------------------

-------------------------------------------------------------------
1.Oł̔F؋ǁiCAj̍쐬
-------------------------------------------------------------------
openssl req -config openssl.cnf -new -nodes -keyout cakey.pem -x509 -out cacert.pem

Using configuration from openssl.cnf
Loading 'screen' into random state - done
Generating a 512 bit RSA private key
..++++++++++++
....++++++++++++
writing new private key to 'key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Saitama
Locality Name (eg, city) []:Kasukabe
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ACCESS
Organizational Unit Name (eg, section) []:Postmaster
Common Name (eg, YOUR name) []:mail.spa-mail.com
Email Address []:
-------------------------------------------------------------------

-------------------------------------------------------------------
2.閧̍쐬Ɠo^\̍쐬
-------------------------------------------------------------------
openssl req -config openssl.cnf -new -nodes -newkey rsa:512 -keyout mykey.pem -out myreq.pem 

Using configuration from openssl.cnf
Loading 'screen' into random state - done
Generating a 512 bit RSA private key
...++++++++++++
.++++++++++++
writing new private key to 'mykey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Saitama
Locality Name (eg, city) []:Kasukabe
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ACCESS
Organizational Unit Name (eg, section) []:Postmaster
Common Name (eg, YOUR name) []:mail.spa-mail.com
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
-------------------------------------------------------------------

-------------------------------------------------------------------
3.F؋ǁiCAjɂďuJؖv𔭍s
-------------------------------------------------------------------
openssl ca -config openssl.cnf -in myreq.pem -keyfile cakey.pem -cert cacert.pem -out mycert.pem

Using configuration from openssl.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subjects Distinguished Name is as follows
countryName           :PRINTABLE:'JP'
stateOrProvinceName   :PRINTABLE:'Saitama'
localityName          :PRINTABLE:'Kasukabe'
organizationName      :PRINTABLE:'ACCESS'
organizationalUnitName:PRINTABLE:'Postmaster'
commonName            :PRINTABLE:'mail.spa-mail.com'
Certificate is to be certified until May  6 00:29:27 2003 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
-------------------------------------------------------------------

-------------------------------------------------------------------
4.uJؖvƁu閧v"SPA-Pro Mail Server"ɐݒ肷B
-------------------------------------------------------------------
쐬ꂽt@ĆA
mycert.crt ---- Jؖt@C
mykey.crt  ---- 閧t@C
ƂȂ܂̂ŁACӂ̃tH_ɕۑ
spacontrol->[T[o[ݒ]->[SSL]̊eŊĉB

-------------------------------------------------------------------
5.NCAg|T[o[ԂłSMTP over SSLpIPAhX/|[g̎w
-------------------------------------------------------------------
spacontrol->[T[rX]->[SPARS IPݒ]{^ĂB
IPݒ̃_CAO\܂̂ŁA
uꗗ̃AhXɉvIA
"IP Address"ݒ藓
SMTPT[o["IPAhX"ƃftHg̃|[gԍ"25" 
SMTPT[o["IPAhX"SSLʐMp̃|[gԍ"465*" 
Q̉AhX/|[gǉݒ肵ĉB
ǉounjv{^Đݒ_CAOA
SPARS̍ċNsĂB

[NCAg"MS-Outlook Express"ŃAJEgݒSSLʐM
wsƃNCAg|T[o[Ԃ̈ÍʐMŃ[Ms
悤ɂȂ܂B
̑̃[NCAgł́AstoneƂpPbgs[^oR
ėpSSLʐM\ɂȂ܂B

-------------------------------------------------------------------
6.NCAg|T[o[ԂłPOP3 over SSLpIPAhX/|[g̎w
-------------------------------------------------------------------
spacontrol->[T[rX]->[SPAPOP3S IPݒ]{^ĂB
IPݒ̃_CAO\܂̂ŁA
uꗗ̃AhXɉvIA
"IP Address"ݒ藓
POP3T[o["IPAhX"ƃftHg̃|[gԍ"110" 
POP3T[o["IPAhX"SSLʐMp̃|[gԍ"995*" 
Q̉AhX/|[gǉݒ肵ĉB
ǉounjv{^Đݒ_CAOA
SPARS̍ċNsĂB

[NCAg"MS-Outlook Express"ŃAJEgݒSSLʐM
wsƃNCAg|T[o[Ԃ̈ÍʐMŃ[Ms
悤ɂȂ܂B
̑̃[NCAgł́AstoneƂpPbgs[^oR
ėpSSLʐM\ɂȂ܂B

-------------------------------------------------------------------
6.T[o[|T[o[ԂłSMTP over SSLpIPAhX/|[g̎w
-------------------------------------------------------------------
spacontrol->[T[o[ݒ]->[e[uҏW]{^ĂB
Q[gEFCڍאݒt@CJ܂̂ŁA
\eɋLڂꂽ`SSLʐM\ȃT[o[w肵ĕۑ
܂B

) SMTPT[o[AhCspa-mail.com̃[MSMTP over SSL
   őMꍇB
   spa-mail.com,mail.spa-mail.com,465*

-------------------------------------------------------------------
note)
* openssl.exéAhttp://www.openssl.org/@\[XdownloadāAVC++6.0ŃRpC܂B
* openssl.cnf́Ahttp://www.openssl.org/@̔zzex[XɁAҏWĂ܂B

