wiki.nindl.net

User Tools

Site Tools

Trace:
documentation:mail

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
documentation:mail [2013/12/28 16:42] ninedocumentation:mail [2013/12/29 21:31] (current) nine
Line 1: Line 1:
 ====== Postfix StartSSL ====== ====== Postfix StartSSL ======
  
-  - generate certificate request\\ <code>+  - Generate certificate request\\ <code>
 mkdir -p /root/ssl mkdir -p /root/ssl
 cd /root/ssl cd /root/ssl
 openssl req -new -newkey rsa:4096 -nodes -keyout mail.nindl.net.key -out mail.nindl.net.csr openssl req -new -newkey rsa:4096 -nodes -keyout mail.nindl.net.key -out mail.nindl.net.csr
 </code> </code>
 +  - Generate mail.nindl.net.crt with the respective .csr on startssl.com and copy to /root/ssl/mail.nindl.net.crt
   - Download the StartSSL Bundle\\ <code>   - Download the StartSSL Bundle\\ <code>
 wget https://www.startssl.com/certs/ca-bundle.pem -O startssl-ca-bundle.pem wget https://www.startssl.com/certs/ca-bundle.pem -O startssl-ca-bundle.pem
 +wget https://www.startssl.com/certs/sub.class1.server.ca.pem -O startssl-sub.class1.server.ca.pem
 cp /root/ssl/startssl-ca-bundle.pem /etc/ssl/certs/startssl-ca-bundle.pem cp /root/ssl/startssl-ca-bundle.pem /etc/ssl/certs/startssl-ca-bundle.pem
 +</code>
 +  - Copy keys\\ <code>
 +cp /root/ssl/mail.nindl.net.key /etc/ssl/private/postfix.pem
 +cp /root/ssl/mail.nindl.net.crt /etc/ssl/certs/postfix.pem
 +cat startssl-sub.class1.server.ca.pem >> /etc/ssl/certs/postfix.pem
 +</code>
 +  - in /etc/postfix/main.cf\\ <code>
 +smtpd_tls_cert_file=/etc/ssl/certs/postfix.pem
 +smtpd_tls_key_file=/etc/ssl/private/postfix.pem
 +smtpd_tls_CAfile=/etc/ssl/certs/startssl-ca-bundle.pem
 </code> </code>
documentation/mail.1388248966.txt.gz · Last modified: 2013/12/28 16:42 by nine