postfix with TLS
Noel
noeldude at gmail.com
Tue May 5 23:26:37 UTC 2015
On 5/5/2015 3:53 PM, Ernie Luzar wrote:
> Matthew Seaman wrote:
>> On 03/05/2015 17:41, Ernie Luzar wrote:
>>
>>> Is the ability builtin to create SSL keys and certs?
>>>
>>
>> No. That's where you'ld use openssl.
>>
>> Mathew
>>
>>
>>
> On my system 10.1 system 'locate openssl' shows /usr/bin/openssl.
> So I take that to mean that 'yes' the ability is builtin to the
> FreeBSD base to
> create the SSL keys and certs needed by postfix.
>
> No need to 'pkg install openssl', correct?
Correct. openssl is part of the base.
>
> Do some TLS parameters have to be added to postfix's main.cf file ?
Yes, although TLS is supported by the package, it is not enabled by
default.
http://www.postfix.org/TLS_README.html#quick-start
>
> The openssl comand has to be run to create SSL keys and certs
> needed by postfix for TLS?
The quick-start section of TLS _README gives examples for creating a
self-signed certificate using openssl, and shows the common settings
required in postfix to enable TLS. The remaining postfix TLS
settings -- and there's a lot of them -- have reasonable defaults
and seldom need adjusting.
http://www.postfix.org/TLS_README.html#quick-start
-- Noel Jones
More information about the freebsd-questions
mailing list