Someday (maybe today) I will WRITE DOWN the proper way to generate and export certificates. Getting this warning in my maillog:
"warning: cannot get private key from file /etc/postfix/privkey.pem" Doesn't stop TLS from occurring, it is just annoying. TLS is used between postfix mail gateways and external Exchange server. If someone can give the correct steps to generate a certificate with the proper info much appreciated. It also could be an issue with my tls config in my main.cf (using Postfix 2.5.6): smtpd_use_tls = yes smtp_use_tls = no smtp_tls_note_starttls_offer = no smtpd_tls_auth_only = no smtp_tls_security_level = may ## smtpd_tls_ask_ccert = yes smtpd_tls_key_file = /etc/postfix/privkey.pem smtpd_tls_cert_file = /etc/postfix/cacert.pem smtpd_tls_CAfile = /usr/share/ssl/certs/ca-bundle.crt smtpd_tls_CAfile = /etc/postfix/cacert.pem smtp_tls_CAfile = /etc/postfix/exchange.pem smtp_tls_policy_maps = hash:/etc/postfix/tls_policy smtpd_tls_mandatory_ciphers = high smtpd_tls_loglevel = 14 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom smtpd_tls_session_cache_database = sdbm:/etc/postfix/smtpd_scache smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache Thanks in advance. Edward W. Ray
