The best reference that I’m aware of for this used to be at http://sial.org/howto/sendmail/cipherlist/ – but DNS to that site is currently broken. The site can be reached by IP address, at least for the time being. Distilled instructions: Assuming you are building from source, add the following to your site.config.m4: Next, rebuild the Sendmail [...]
For Red Hat or clones, or ESX/ESXi, use “grub-md5-crypt”: Copy and paste to “rootpw –iscrypted” as appropriate.
To generate the CSR, do the following: openssl req -new -nodes -key host.key -out host.csr See also: Generating Certificate Signing Requests.
To create a self-signed certificate for internal or testing use, enter the following commands: openssl genrsa 1024 > host.key openssl req -new -x509 -nodes -sha1 -days 1825 -key host.key > host.cert