- Make sure your system has OpenSSL. If you're using OpenBSD, it should
be installed by default. Otherwise, you can get it from
http://www.openssl.org/
- Build pine with SSL/TLS.
The pine source is available from
http://www.washington.edu/pine/
After untarring the source, use the "build" script to build pine. The
syntax is:
./build [SSL options] [OS]
The SSL options require that you specify the location of the certs,
includes, and libs for SSL on your system.
The list of OSes is under [pine-src]/doc/pine-ports.
Example for OpenBSD:
/build SSLCERTS=/etc/ssl/certs SSLINCLUDE=/usr/include/ssl SSLLIB=/usr/lib bso
- Start pine. Under Setup Config:
user-domain = monkey.org
smtp-server = smtp.monkeymail.org/user=username@monkey.org
inbox-path = imap.monkeymail.org/novalidate-cert/ssl/user=username@monkey.org
When asked for the Folder on "imap.monkeymail.org" to use for
INBOX, reply with INBOX.
If you'd like to install the monkey cert instead of using "novalidate-cert", here are the basic steps:
Download the cert from
http://monkeymail.org/cert/CA.crt
Save the file as monkey-ca.pem or something similar. The cert is already in
the correct PEM format.
You will need to be root for the rest of this.
Copy the cert file to your SSLCERTS directory.
Calculate the hash with the following command:
openssl x509 -noout -hash -in [path to cert directory]/monkey-ca.pem
This will give you an eight character hash such as "abf071da".
In the ssl certs directory, create a symbolic link from the hash value plus
".0" to the cert file.
ln -s monkey-ca.pem abf071da.0
Use the following command to verify the installation (substitute in your
own SSLCERTS path and cert name):
openssl verify -CApath /etc/ssl/certs monkey-ca.pem
This should reply with something like:
monkey-ca.pem: OK
If you run into trouble, I suggest reading
http://tirian.magd.ox.ac.uk/~nick/openssl-certs/email.shtml and
http://tirian.magd.ox.ac.uk/~nick/openssl-certs/others.shtml#ca-openssl