sendmail certs -- which letsencrypt cert to use for ca

Gary Aitken freebsd at
Thu Apr 5 02:27:31 UTC 2018

I'm wanting to switch the self-certified certs generated by sendmail
when it first starts over to ones certified via letsencrypt.
Letsencrypt generates four files:
   cert.pem, privkey,pem, chain.pem and fullchain.pem
As I understand it, chain.pem contains intermediates, and fullchain
contains the main cert + intermediates.
Sendmail's generated certs consist of a cert, a privkey, and a CA.
Which of chain.pem or fullchain.pem should be used for the CA, or
will either work?



More information about the freebsd-questions mailing list