Hello
Today create new my key file RSA, and ECDSA, and signed with certbot.
## TLS/SSL
/etc/letsencrypt/live/nmail.caloro.ch/privkey.pem
/etc/letsencrypt/live/nmail.caloro.ch/fullchain.pem
## RSA Key
/etc/letsencrypt/live/nmail.caloro.ch-rsa/privkey.pem
/etc/letsencrypt/live/nmail.caloro.ch-rsa/fullchain.pem
## ECDSA Key
/etc/letsencrypt/live/nmail.caloro.ch-rsa/privkey.pem
/etc/letsencrypt/live/nmail.caloro.ch-rsa/fullchain.pem
[main.cf]
smtpd_tls_chain_files =
/etc/letsencrypt/live/nmail.caloro.ch/privkey.pem,
/etc/letsencrypt/live/nmail.caloro.ch/fullchain.pem,
/etc/letsencrypt/live/nmail.caloro.ch-rsa/privkey.pem,
/etc/letsencrypt/live/nmail.caloro.ch-rsa/fullchain.pem
# smtpd_tls_cert_file =
/etc/letsencrypt/live/nmail.caloro.ch-rsa/privkey.pem
# smtpd_tls_key_file =
/etc/letsencrypt/live/nmail.caloro.ch-rsa/fullchain.pem
# smtpd_tls_eccert_file =
/etc/letsencrypt/live/nmail.caloro.ch-ecdsa/privkey.pem
# smtpd_tls_eckey_file =
/etc/letsencrypt/live/nmail.caloro.ch-ecdsa/fullchain.pem
smtpd_tls_received_header = yes
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
--
[Mail.log]
May 31 13:00:24 nmail postfix/smtps/smtpd[27271]: warning: key at index 1 in
/etc/letsencrypt/live/nmail.caloro.ch-rsa/privkey.pem does not match next
certificate
May 31 13:00:24 nmail postfix/smtps/smtpd[27271]: warning: TLS library
problem: error:1426D121:SSL routines:ssl_set_cert_and_key:not replacing
certificate:../ssl/ssl_rsa.c:1081:
May 31 13:00:24 nmail postfix/smtps/smtpd[27271]: warning: error loading
private keys and certificates from:
/etc/letsencrypt/live/nmail.caloro.ch/privkey.pem,
/etc/letsencrypt/live/nmail.caloro.ch/fullchain.pem,
/etc/letsencrypt/live/nmail.caloro.ch-rsa/privkey.pem,
/etc/letsencrypt/live/nmail.caloro.ch-rsa/fullchain.pem: disabling TLS
support
-- thanks for any update
