Differences

This shows you the differences between two versions of the page.

Link to this comparison view

tech:linux:postfix_client_tls [2014/11/15 09:13] (current)
Line 1: Line 1:
 +====== Postfix Client TLS Support ======
 +
 +===== Resource =====
 +http://​www.postfix.org/​TLS_README.html#​client_tls
 +
 +====== Instructions ======
 +===== Generating SSL Key =====
 +Run the following commands: \\
 +
 +<​code>​
 +cd /​etc/​postfix
 +mkdir ssl
 +cd ssl
 +openssl genrsa -rand /​etc/​passwd:/​etc/​resolv.conf 2048 > smtpd.key
 +chmod 400 smtpd.key
 +openssl req -new -key smtpd.key > smtpd.csr
 +#  Enter the certificate information.
 +#  The "​common name" is the mail server DNS name.
 +</​code>​
 +
 +===== Self-sign the certificate =====
 +
 +Run the following commands:
 +
 +<​code>​
 +openssl req -days 36524 -x509 -key smtpd.key -in smtpd.csr > smtpd.crt
 +cat smtpd.crt smtpd.key > smtpd.pem
 +</​code>​
 +
 +===== Configure Postfix to use SSL =====
 +
 +Edit main.cf (located in /​etc/​postfix/​) adding the following at the bottom of the file. \\
 +
 +<​code>​
 +smtp_tls_cert_file=/​etc/​postfix/​ssl/​smtpd.pem
 +smtp_tls_key_file=$smtp_tls_cert_file
 +smtp_tls_loglevel=1
 +smtp_tls_note_starttls_offer=yes
 +smtp_use_tls=yes
 +smtpd_tls_cert_file=/​etc/​postfix/​ssl/​smtpd.pem
 +smtpd_tls_key_file=$smtp_tls_cert_file
 +smtpd_use_tls=yes
 +smtpd_tls_received_header=yes
 +</​code>​
 +
 +===== Configure Dovecot =====
 +Edit dovecot.conf (typically located in /etc) adding the following lines: ​
 +
 +<​code>​
 +ssl_cert_file = /​etc/​postfix/​ssl/​smtpd.pem
 +ssl_key_file = /​etc/​postfix/​ssl/​smtpd.pem
 +</​code>​
 +
 +===== Restart =====
 +Restart postfix and dovecot. ​
  

QR Code
QR Code tech:linux:postfix_client_tls (generated for current page)