Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+====== Postfix Client TLS Support ======
+===== Resource =====
+http://www.postfix.org/TLS_README.html#client_tls
+====== Instructions ======
+===== Generating SSL Key =====
+Run the following commands: \\
+<code>
+cd /etc/postfix
+mkdir ssl
+cd ssl
+openssl genrsa -rand /etc/passwd:/etc/resolv.conf 2048 > smtpd.key
+chmod 400 smtpd.key
+openssl req -new -key smtpd.key > smtpd.csr
+#  Enter the certificate information.
+#  The "common name" is the mail server DNS name.
+</code>
+===== Self-sign the certificate =====
+Run the following commands:
+<code>
+openssl req -days 36524 -x509 -key smtpd.key -in smtpd.csr > smtpd.crt
+cat smtpd.crt smtpd.key > smtpd.pem
+</code>
+===== Configure Postfix to use SSL =====
+Edit main.cf (located in /etc/postfix/) adding the following at the bottom of the file. \\
+<code>
+smtp_tls_cert_file=/etc/postfix/ssl/smtpd.pem
+smtp_tls_key_file=$smtp_tls_cert_file
+smtp_tls_loglevel=1
+smtp_tls_note_starttls_offer=yes
+smtp_use_tls=yes
+smtpd_tls_cert_file=/etc/postfix/ssl/smtpd.pem
+smtpd_tls_key_file=$smtp_tls_cert_file
+smtpd_use_tls=yes
+smtpd_tls_received_header=yes
+</code>
+===== Configure Dovecot =====
+Edit dovecot.conf (typically located in /etc) adding the following lines:
+<code>
+ssl_cert_file = /etc/postfix/ssl/smtpd.pem
+ssl_key_file = /etc/postfix/ssl/smtpd.pem
+</code>
+===== Restart =====
+Restart postfix and dovecot.