Differences

This shows you the differences between two versions of the page.

--- blog:install_cacert_certificate_for_postfix_smtp:tls [2009-07-28 10:20] – created brb
+++ blog:install_cacert_certificate_for_postfix_smtp:tls [2014-05-21 07:15] (current) – brb
@@ Line 4: / Line 4: @@
   * When openssl asks for your name, enter the FQDN of the server
-  $ openssl req -nodes -new -keyout private.key -out server.csr
+  $ openssl req -nodes -newkey rsa:2048 -keyout private.key -out server.csr
 Then you paste server.csr into the form on their web site and they email you back a certificate, save this as server.crt.
@@ Line 17: / Line 18: @@
 This is for main.cf, see also the other stuff above:
-smtpd_tls_key_file = /etc/postfix/ssl/newreq.pem
+  smtpd_tls_key_file = /etc/postfix/ssl/newreq.pem
-smtpd_tls_cert_file = /etc/postfix/ssl/newcert.pem
+  smtpd_tls_cert_file = /etc/postfix/ssl/newcert.pem
-smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
+  smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
+===== Refreshing the certificate: =====
+  * Got to the cacert site and refresh the certificate
+  * open /etc/postfix/ssl/newcert.pem and paste in the new certificate
+  * restart postfix
+  * test sending a mail with tls enabled
 Source: https://wiki.slugbug.org.uk/Postfix_TLS
-{{tag>postfix linux security}}
+{{tag>postfix linux security ssl tls}}
 ~~LINKBACK~~
 ~~DISCUSSION~~