Re: Issues with tls_append_default_CA and *_tls_CApath

2012-02-19 Thread Artemy Tregubenko
On Sun, 19 Feb 2012 19:35:56 +0100, Wietse Venema wrote: Artemy Tregubenko: > Instead of enumerating things that Postfix does not do, it would > be more helpful to say how to achieve a concrete result: > >To use ONLY system-supplied default certifica

Re: Issues with tls_append_default_CA and *_tls_CApath

2012-02-19 Thread Artemy Tregubenko
On Sun, 19 Feb 2012 18:18:12 +0100, Wietse Venema wrote: Artemy Tregubenko: On Sun, 19 Feb 2012 17:10:50 +0100, Wietse Venema wrote: > As per the documentation, Postfix APPENDS to certificates in *CApath > or *CAfile. If you don't specify certificates in *CApath and *CAf

Re: Issues with tls_append_default_CA and *_tls_CApath

2012-02-19 Thread Artemy Tregubenko
On Sun, 19 Feb 2012 17:10:50 +0100, Wietse Venema wrote: As per the documentation, Postfix APPENDS to certificates in *CApath or *CAfile. If you don't specify certificates in *CApath and *CAfile, then Postfix won't append to them. Could you add to documentation this sentence "If you don't s

Re: Issues with tls_append_default_CA and *_tls_CApath

2012-02-19 Thread Artemy Tregubenko
On Sun, 19 Feb 2012 16:00:43 +0100, Wietse Venema wrote: To investigate, you can strace the SMTP daemon (see DEBUG_README.html) and see what system calls fail. That will also show whether you correctly followed instructions to turn off the chroot feature. Thanks to strace I figured out that

Re: Issues with tls_append_default_CA and *_tls_CApath

2012-02-19 Thread Artemy Tregubenko
On Sun, 19 Feb 2012 16:00:43 +0100, Wietse Venema wrote: Therefore, the Equifax certificate wasn't found with 'smtp_tls_CApath = /etc/ssl/certs'. For CApath to work, you need to run a program that sets up the necessary symlinks (named after a certificate hash) that allow the OpenSSL library t

Re: Issues with tls_append_default_CA and *_tls_CApath

2012-02-19 Thread Artemy Tregubenko
On Sun, 19 Feb 2012 15:05:58 +0100, Wietse Venema wrote: Artemy Tregubenko: Hello, I have an Ubuntu server with Postfix 2.8.2 on it. Looks like tls_append_default_CA has no effect on it. See if this fixes the problem: http://www.postfix.org/DEBUG_README.html#no_chroot Then

Issues with tls_append_default_CA and *_tls_CApath

2012-02-19 Thread Artemy Tregubenko
Hello, I have an Ubuntu server with Postfix 2.8.2 on it. Looks like tls_append_default_CA has no effect on it. When I send emails to Gmail I get a message about failed certificate verification. There are many articles on solving this issue. The ones that I saw suggest a suboptimal approach of