> For a more clueful guide to the perplexed:
> http://www.postfix.org/TLS_README.html#quick-start
I neither know Bash nor Perl. That's why I decided to ask about the
commands from "CA.pl" and about this [1] guide in general.
So, could you elaborate on the following? What are we actually
On Wed, Oct 24, 2012 at 03:59:01AM -0400, thorso...@lavabit.com wrote:
> > There is no point in CA key that you don't use. If you create a
> > CA, then at least use it to sign the server certificate. Otherwise,
> > both the server key-pair and the CA key-pair are in fact self-signed
> > CAs and on
> There is no point in CA key that you don't use. If you create a
> CA, then at least use it to sign the server certificate. Otherwise,
> both the server key-pair and the CA key-pair are in fact self-signed
> CAs and one of them is redundant.
Oh, I got confused. Are you trying to say that this exa
On Tue, Oct 23, 2012 at 09:05:27AM -0400, thorso...@lavabit.com wrote:
> > You did not specify a key to use for this operation. This writes
> > a new key to a default file (often privkey.pem) with insecure
> > permissions (0644) (even password protected keys should not
> > be world readable).
>
>
> You did not specify a key to use for this operation. This writes
> a new key to a default file (often privkey.pem) with insecure
> permissions (0644) (even password protected keys should not
> be world readable).
It saved the key as "cakey.pem" with 644.
Should I change the permissions of the m
On Mon, Oct 22, 2012 at 03:45:22PM -0400, thorso...@lavabit.com wrote:
> I'm trying to configure ESMTP using this guide [1].
>
> $ touch smtpd.key
> $ chmod 600 smtpd.key
> $ openssl genrsa 4096 > smtpd.key
This will generate a 4096 bit key, though you almost certainly
should not use a key this
Am 22.10.2012 21:45, schrieb thorso...@lavabit.com:
> Hello,
> The above generated a 1024 bit RSA private key. How to create a 4096 bit key?
the following is for 2048 bit
replace 2048 by whatever you want
alter the template for your needs (partly german)
this is a script/remplate i am using sin
