postfix with TLS

Noel noeldude at
Tue May 5 23:26:37 UTC 2015

On 5/5/2015 3:53 PM, Ernie Luzar wrote:
> Matthew Seaman wrote:
>> On 03/05/2015 17:41, Ernie Luzar wrote:
>>> Is the ability builtin to create SSL keys and certs?
>> No.  That's where you'ld use openssl.
>>     Mathew
> On my system 10.1 system 'locate openssl'  shows /usr/bin/openssl.
> So I take that to mean that 'yes' the ability is builtin to the
> FreeBSD base to
> create the SSL keys and certs needed by postfix.
> No need to 'pkg install openssl', correct?

Correct.  openssl is part of the base.

> Do some TLS parameters have to be added to postfix's file ?

Yes, although TLS is supported by the package, it is not enabled by

> The openssl comand has to be run to create SSL keys and certs
> needed by postfix for TLS?

The quick-start section of TLS _README gives examples for creating a
self-signed certificate using openssl, and shows the common settings
required in postfix to enable TLS.  The remaining postfix TLS
settings -- and there's a lot of them -- have reasonable defaults
and seldom need adjusting.

  -- Noel Jones

More information about the freebsd-questions mailing list