Linode Forum :: Postfix: PositiveSSL Cert Install Problem

Linode Forum https://forum.linode.com/

Postfix: PositiveSSL Cert Install Problem https://forum.linode.com/viewtopic.php?f=11&t=10367	Page 1 of 1

Author:	bassburner [ Mon Aug 26, 2013 11:17 am ]
Post subject:	Postfix: PositiveSSL Cert Install Problem
I'm trying to install an SSL certificate into dovecot and postfix. Here's the various files I have: mail_exit66.crt PostiveSSLCA2.crt AddTrustExternalCARoot.crt mail_exit66.key I combined the 3 crts into one file (in the order above) and put it into /etc/ssl/certs/mail_exit66.pem and the key followed by the 3 crts into one file and put it into /etc/ssl/private/mail_exit66.pem. I assigned them in the dovecot config (10-ssl.conf) and that works fine with out an SSL warning. However, postfix isn't working so well and still gives the SSL warnings. I've tried the various combinations based off various information I got off the interwebs: smtpd_tls_cert_file=/etc/ssl/certs/mail_exit66.pem smtpd_tls_key_file=/etc/ssl/private/mail_exit66.pem smtpd_tls_cert_file=/etc/ssl/certs/mail_exit66.crt smtpd_tls_key_file=/etc/ssl/private/mail_exit66.key smtpd_tls_cert_file=/etc/ssl/certs/mail_exit66.crt smtpd_tls_key_file=/etc/ssl/private/mail_exit66.key smtpd_tls_CAfile=/etc/ssl/certs/AddTrustExternalCARoot.crt smtpd_tls_cert_file=/etc/ssl/certs/mail_exit66.crt smtpd_tls_key_file=/etc/ssl/private/mail_exit66.key smtpd_tls_CAfile=/etc/ssl/certs/PostiveSSLCA2.crt Any ideas on how I can get this working? Thanks, Andy

Author:	bassburner [ Mon Aug 26, 2013 11:21 am ]
Post subject:	Re: Postfix: PositiveSSL Cert Install Problem
And to add, there are no errors on starting Postfix in /var/log/syslog

Author:	AGWA [ Mon Aug 26, 2013 11:59 am ]
Post subject:	Re: Postfix: PositiveSSL Cert Install Problem
Try this: Code: smtpd_tls_cert_file=/etc/ssl/certs/mail_exit66.pem smtpd_tls_key_file=/etc/ssl/private/mail_exit66.key Note it's smtpd_tls_key_file, not smtpd_tls_private_file.

Author:	bassburner [ Mon Aug 26, 2013 12:41 pm ]
Post subject:	Re: Postfix: PositiveSSL Cert Install Problem
AGWA wrote: Try this: Code: smtpd_tls_cert_file=/etc/ssl/certs/mail_exit66.pem smtpd_tls_key_file=/etc/ssl/private/mail_exit66.key Note it's smtpd_tls_key_file, not smtpd_tls_private_file. Turns out that was a typo, I am using smtpd_tls_key_file. So I'm still stuck.

Author:

bassburner [ Mon Aug 26, 2013 1:14 pm ]

Post subject:

Re: Postfix: PositiveSSL Cert Install Problem

Ok. I got it working by following instructions from here: http://www.byteslounge.com/tutorials/postfix-dovecot-ssl-configuration-example

In master.cf:

at the end of the smtp line add:

Code:

-o smtpd_tls_cert_file=/etc/ssl/certs/mail_exit66.crt
-o smtpd_tls_key_file=/etc/ssl/private/mail_exit66.key

at the end of the smtps line add:

Code:

-o smtpd_tls_wrappermode=yes
-o smtpd_tls_cert_file=/home/root/certs/domain.crt
-o smtpd_tls_key_file=/home/root/certs/domain.key

Page 1 of 1	All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/