Am 08.02.2013 20:22, schrieb deconya: > Hi > > Apologies for triplicate the mailing, my mail client blocks and send for and > error two times the mail. The third > was using webmail. > > If i use smtp_tls_security_level=may the smarthost not will accept mails > because needs to use autentication using > TLS inside relay_passwd > > In main.cf I not configure smtpd_tls_CAfile, this is default option, I need > to change?
smtp_tls_CApath=/certs you copied random stuff there and nobody knows your environment i do not know your OS, as said on Fedors/Redhat smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt i have no "smtp_tls_CApath" in use however, i posted the wrong one smtp_ is relevant for you, not smtpd but hoewever,, the bundle is fine for both smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt > cp -R /etc/ssl/certs/* /var/spool/postfix/certs > cp -R /usr/share/ca-certificates /var/spool/postfix/usr/share/ca-certificates what is in this folders? what is it supposed to do? why do you copy stuff around? how do you imagine to update this stuff > -----Mensaje original----- > *De*: Reindl Harald <h.rei...@thelounge.net > <mailto:reindl%20harald%20%3ch.rei...@thelounge.net%3e>> > *Para*: postfix-users@postfix.org <mailto:postfix-users@postfix.org> > *Asunto*: Re: error using certificate server > *Fecha*: Fri, 08 Feb 2013 20:13:07 +0100 > > > Am 08.02.2013 20:07, schrieb deco...@riseup.net <mailto:deco...@riseup.net>: >> At now Im configuring the TLS function in my postfix 2.5.5 and Im having a >> new problem. >> First was that said untrusted issuer because not detect the certificates. > > how often and with hom many subjects yiu will > start the thread again? > >> Please is critical to solve this problem, all messages are being deferred!!! >> smtp_tls_security_level=verify > > so why do you not change it to "may" instead "verify" in the first front? > >> smtp_tls_CApath=/certs > > and what is there? > > smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt > > works fine on redhat systems > > [root@mail:~]$ stat /etc/pki/tls/certs/ca-bundle.crt > Datei: „/etc/pki/tls/certs/ca-bundle.crt“ > Größe: 711830 Blöcke: 1392 EA Block: 4096 reguläre Datei > Gerät: 811h/2065d Inode: 82289 Verknüpfungen: 1 > Zugriff: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root) > Zugriff : 2013-01-04 19:08:55.000000000 +0100 > Modifiziert: 2013-01-04 19:08:55.000000000 +0100 > Geändert : 2013-01-06 20:21:48.027334833 +0100 > Geburt : - > -- Reindl Harald the lounge interactive design GmbH A-1060 Vienna, Hofmühlgasse 17 CTO / CISO / Software-Development p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40 icq: 154546673, http://www.thelounge.net/ http://www.thelounge.net/signature.asc.what.htm
signature.asc
Description: OpenPGP digital signature
