Home Forums OS X Server and Client Discussion Mail Self-Signed SSL Certificate = Slooooooooooow Sending

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • March 28, 2010 at 6:58 am #378284
    l008com
    Participant

    I use Self Signed SSL Certs on my server. I’m looking for encryption, not ‘authentication’. So finally in 10.6, Mail.app started to REMEMBER when you checked the box to always trust a given certificate. So I’ve been using my certs and it’s been working great with one issue. It takes a very long time to send mail. It used to be instant, now it’s slooooooooow. I’m assuming this is somehow due to the SSL certificate. Its a real problem. Sometimes you wake a computer up from sleep, to find that an email you sent before you put your Mac to sleep, hasn’t sent you. I was thinking about just buying a real cert. But then I figured, WTF. I don’t need a real cert. What I need is a way to figure out exactly why it’s taking longer to send, and fix it! My server is very fast, and significantly under-loaded, so I should be able to pull of near instant sending!

    March 29, 2010 at 3:28 am #378289
    bschappel
    Participant

    Pay a visit to [url]http://www.cacert.org[/url] and setup an account. You can generate free certificates. Add their root cert to your keychain and the certs will always be trusted.

    Download their root cert, in PEM format, and save it as CACertroot.crt at the root of your startup drive. Then use this command to add the cert to your keychain.

    [code]/usr/bin/security add-trusted-cert -d -r trustRoot -k “/Library/Keychains/System.keychain” /CACertroot.crt[/code]

    The above command is for Leopard and SL.

    Doing this will eliminate the certificates from your troubleshooting chain. Hope you figure it out.

    March 29, 2010 at 5:39 am #378290
    l008com
    Participant

    Actually… funny story.

    Right about the time I implemented my self-signed SSL certs (before i was not using SSL), one of my realtime databases shut down. I did not know this because theres no possible way to know such a thing. So I implement self signed SSL on both of my servers, and it starts taking forever to send email. Well, thats because in en effort to get people to stop using their server, they purposely made their server delay responses. Trying to trigger the admin (me) to look into the matter. After a year, I finally got annoyed enough to look into it. I deleted that one realtime db server, and now the emails are FLYING off my server at high speed. Things are working to well, I’m now thinking about implementing SPF checking on my server. Nearly all of my spam has my address as the To and the From. SPF should significantly reduce the amount of spam i get, to almost nothing.

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.