Tolga ha scritto:
http://www.google.com/search?q=self+signed+certificate
I have been reading
https://help.ubuntu.com/8.04/serverguide/C/postfix.html and I applied
some parts and skipped some (as I don't have SASL anywhere mentioned
in main.cf), and I restarted postfix but I still get the warning that
my certificate expired when connecting with mutt.
My postconf -n now:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_size_limit = 0
mydestination = ozses.net, kunduz.org, localhost.net, localhost
myhostname = ozses.net
mynetworks = 127.0.0.0/8 192.168.0.0/16 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
reject_unknown_reverse_client_hostname,
reject_unauth_pipelining, reject_non_fqdn_recipient,
reject_rbl_client zen.spamhaus.org
smtpd_tls_cert_file = /etc/ssl/certs/cacert.pem
smtpd_tls_key_file = /etc/ssl/private/smtpd.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
Regards,
~mto
The cacert.pem is not the same thing as the smtpd.crt
re-read the Ubuntu page again.
smtpd_tls_key_file = /etc/ssl/private/smtpd.key
smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
