On Thu, 19 Feb 2015 06:32:29 John wrote:
> On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
> >> smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
> >> smtp_tls_key_file = /root/ssl/private/$mydomain.mail.key
> >
> > Are there any destinations for which you need client certs to gain
> > access? If not set these empty.
>
> I thought these were needed for TLS.
> I must be a /little/ confused. Is it the sender or the receiver that
> initiates TLS?
> From your comment to remove them, it must be the receiver, correct?
These settings are saying to use a specific certificate when connecting to
another server with a specific client certificate where mutual trust is needed,
e.g. where you were connecting to a smarthost that used the certificate to
authenticate you.
