How can I auth a tls certificate for an smtp server without using http?
Currently I am using getssl bash script.
The server that requires a certificate is firewalled off only port 25 is available!
DNS authentication is off the cards this is an enterprise and therefore changes must go through a time consuming (and costly) change management process.
I can shut down the smtp server while authentication occurs but auth must occur over port 25 not 80 or 443. This would be impossible on the firewall.
You can’t. You’ve already explored the alternative to port 80 and 443, but dismissed it. As far as I know, there’s no other way, except perhaps using the firewall itself to intercept a request for the challenge and redirect it to another host (which is acceptable) who can do HTTP.