Hi -----Mensaje original----- De: Reindl Harald <h.rei...@thelounge.net> Para: postfix-users@postfix.org Asunto: Re: error using certificate server Fecha: Fri, 08 Feb 2013 20:34:47 +0100
Am 08.02.2013 20:22, schrieb deconya: > Hi > > Apologies for triplicate the mailing, my mail client blocks and send for and > error two times the mail. The third > was using webmail. > > If i use smtp_tls_security_level=may the smarthost not will accept mails > because needs to use autentication using > TLS inside relay_passwd > > In main.cf I not configure smtpd_tls_CAfile, this is default option, I need > to change? smtp_tls_CApath=/certs you copied random stuff there and nobody knows your environment Amb using postfix 2.5.5 inside ubuntu server. I discovered in a howto that to activate certificates this was one parameters to activate in main.cf, because by default postfix not recognice certificates. i do not know your OS, as said on Fedors/Redhat smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt i have no "smtp_tls_CApath" in use I have not defined this parameter in main.cf, is included by default however, i posted the wrong one smtp_ is relevant for you, not smtpd but hoewever,, the bundle is fine for both smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt > cp -R /etc/ssl/certs/* /var/spool/postfix/certs > cp -R /usr/share/ca-certificates /var/spool/postfix/usr/share/ca-certificates what is in this folders? what is it supposed to do? why do you copy stuff around? how do you imagine to update this stuff This was the howto explaining how to move all certificates to postfix folder. And now why can appear the error Server certificated not verified ???? Thanks > -----Mensaje original----- > *De*: Reindl Harald <h.rei...@thelounge.net > <mailto:reindl%20harald%20%3ch.rei...@thelounge.net%3e>> > *Para*: postfix-users@postfix.org <mailto:postfix-users@postfix.org> > *Asunto*: Re: error using certificate server > *Fecha*: Fri, 08 Feb 2013 20:13:07 +0100 > > > Am 08.02.2013 20:07, schrieb deco...@riseup.net <mailto:deco...@riseup.net>: >> At now Im configuring the TLS function in my postfix 2.5.5 and Im having a >> new problem. >> First was that said untrusted issuer because not detect the certificates. > > how often and with hom many subjects yiu will > start the thread again? > >> Please is critical to solve this problem, all messages are being deferred!!! >> smtp_tls_security_level=verify > > so why do you not change it to "may" instead "verify" in the first front? > >> smtp_tls_CApath=/certs > > and what is there? > > smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt > > works fine on redhat systems > > [root@mail:~]$ stat /etc/pki/tls/certs/ca-bundle.crt > Datei: „/etc/pki/tls/certs/ca-bundle.crt“ > Größe: 711830 Blöcke: 1392 EA Block: 4096 reguläre Datei > Gerät: 811h/2065d Inode: 82289 Verknüpfungen: 1 > Zugriff: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root) > Zugriff : 2013-01-04 19:08:55.000000000 +0100 > Modifiziert: 2013-01-04 19:08:55.000000000 +0100 > Geändert : 2013-01-06 20:21:48.027334833 +0100 > Geburt : - >
