Carlos Williams wrote:
It appears that my postfix server is using invalid TLS certs from
/etc/postfix/main.cf. When I set up my client to use TLS, I get an
invalid certificate error from Outlook that tells me the hostname and
domain of the server which are wrong. I renamed the FQDN at some point
however I must have re-used the certificates generated for old FQDN.
How do I fix this? Can I regenerate certificates some how with the
current FQDN or use my SSL certificates from Verisign? I don't know if
the SSL certs I use from Verisign are the same thing in this case.
Can someone please explain and or help me?
Yes, the FQDN of the server is encoded in the certificate. If
you rename the server, you must get a new certificate (or
generate a new one if self-signed).
If your existing verisign certificate is a "server" type
certificate with the right FQDN, you should be able to use it
with postfix.
Or if you need to generate a new self-signed certificate, see;
http://www.postfix.org/TLS_README.html#quick-start
--
Noel Jones
