L.S.
I would like to make sure I am doing this correctly.
For port 25, I don't need a CA approved certificate. When I came across
`postfix-tls`, I figured this might be just the thing that is required
for this use-case.
If I understand correctly, the command `new-server-key` will only create
the server certificate (leaf certificate) and the private key. Would
this be enough, or do I also need to have an intermediate certificate,
and then concatenate the whole lot as follows:
private key [then] leaf certificate [then] intermediate certificate
# Postfix ≥ 3.4. Preferred configuration interface. Each file
# starts with the private key, followed by the corresponding
# certificate, and any intermediate issuer certificates.
(Source: https://www.postfix.org/TLS_README.html)
This is for a "3 1 1" DANE-only (no MTA-STS) setup.
Many thanks!
Edmund
--
Edmund Lodewijks <[email protected]>
TZ: UCT+2 / GMT+2
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
