How to creating CAfile for postfix, I will try using postfix with Amazon SES.
Thanks
Can you provide a little more information, to save us guessing what you want.
Are you asking how to obtain a standard certificate ? or how to configure postfix ? or something else ?
I have 4 certificate - cert.pem,chain.pem,fullchain.pem,privkey.pem.
I was added this to my apache, all working properly.
For me needed certificate for my postfix server using with AWS, tutorial: http://docs.aws.amazon.com/ses/latest/DeveloperGuide/postfix.html
Look at this tutorial line sudo postconf -e 'smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt’
Question, where I can find CA-certificates, no one working from 4 upper certificates.
thanks
copy the cert, chain and key files into a single file, and use that,
cat privkey.pem cert.pem chain.pem > ca-certificates.crt
then use the ca-certificate.crt
done, but still have error in mail.log
(TLS is required, but was not offered by host 127.0.0.1[127.0.0.1])
Some of your other config is not correct. With the limited details you provide, I can’t say exactly what is wrong in the config.
another type of certificates:
ssl_cert = </etc/pki/tls/certs/server.crt
ssl_key = </etc/pki/tls/private/server.key
ssl_ca = </etc/pki/tls/certs/server.ca-bundle
server.crt and server.key, what a file I must using?
ssl_cert = cert.pem
ssl_key = privkey.pem
ssl_ca = chain.pem (or, possibly fullchain.pem depending on the software / version)
thank a lot. i will try tomorrow.
Euh, those settings look more like Dovecot settings to me… Postfix uses smtpd_tls_cert_file
and smtpd_tls_key_file
. You can feed fullchain.pem
to smtpd_tls_cert_file
so it will send the intermediate certificate automatically.
This latter also goes for Dovecot: just feed ssl_cert
the fullchain.pem
so you won’t need ssl_ca
(which is for TLS client authentication, which you probably don’t need/want…)
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.