-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi list !
I run debian lenny/sid and postfix is my MTA .
My relayhost uses a selfsigned CA certificate which i have imported as
/etc/ssl/certs/myisp.crt and linked as
/usr/share/ca-certificate/myisp.pem and in postfix as
/etc/postfix/CA/myisp.pem
In postfix configuration i have:
smtpd_tls_CApath = /etc/postfix/CA/
and i have my selfsigned CA cert on itself in
/etc/postfic/ssl/cacert.pem , after this i'm still getting these
warnings in mail.log:
> Jan 10 00:41:58 mail postfix/smtp[10404]: certificate verification failed for
> smtp.myisp[111.222.222.999]:587: untrusted issuer /C=NO/O=MyISP/CN=MyISP
> Certification Authority/emailaddress...@myisp
Should i stick both cerificates on one big file.pem in postfix like
> smtpd_tls_CAfile = /etc/postfix/ssl/file.pem
or there is another way to make postfix successfully verify my isp CA ?
Thanks !
Gab
- --
sec 1024D/80231A90 2008-07-01
Key fingerprint = 54AC C632 B35E FB9B 6D9F 108D DBE6 5425 8023 1A90
uid Gabriele Lost Adm (Chiave ufficiale
Gabrix.ath.cx,ok?) <ad...@gabrix.ath.cx>
uid [jpeg image of size 2989]
ssb 4096g/550632FD 2008-07-01
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEAREKAAYFAkl5cRMACgkQ2+ZUJYAjGpDLmQCfX9GPFsow5gI2m+h3YwwfskG4
Z7cAoLf5ZMCPKG8ETMXnYejPpIGPGPLI
=FA3Y
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
