Setting up a StartCom certificate for Postfix

DON'T post new tutorials here! Please use the "Pending Submissions" board so the staff can review them first.
Post Reply
User avatar
ayu
Staff
Staff
Posts: 8109
Joined: 27 Aug 2005, 16:00
18
Contact:
Contact ayu

Setting up a StartCom certificate for Postfix

Post by ayu »

This little guide assumes that you already have a working certificate from StartSSL and a postfix server installed with tls support.

You should have the following files already:

Code: Select all

ssl.key
ssl.crt
ca-bundle.pem (http://www.startssl.com/certs/)
Basically this is what you have to have in your main.cf for postfix to work with a certificate like this.

Code: Select all

# TLS parameters
smtp_tls_note_starttls_offer = yes
smtpd_tls_cert_file = /etc/ssl/StartCom/ssl.crt
smtpd_tls_key_file = /etc/ssl/StartCom/ssl.key
smtpd_tls_CAfile = /etc/ssl/StartCom/ca-bundle.pem
smtp_tls_CAfile = /etc/ssl/StartCom/ca-bundle.pem
smtpd_use_tls = yes
smtp_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
And with this it should work.
Small little "tut" but it doesn't need more explanation then that :)
"The best place to hide a tree, is in a forest"
Top
Post Reply

Return to “Linux”