I didn't see you mention a certificate authority, is this self-signed?
Yes it is self signed.
starttls says:
If you don't intend to use TLS for authentication (and if you are using
self-signed certificates you probably don't) you can simply link
your new
certificate to CAcert.pem.
# ln -s /etc/mail/certs/mycert.pem /etc/mail/certs/CAcert.pem
If, on the other hand, you intend to use TLS for authentication you
should install your certificate authority bundle as
/etc/mail/certs/CAcert.pem.
You didn't mention this file.
Because it doesn't apply at all for smtpd and nowhere in the code does
it look for that anyway.
So, no I didn't do anything about it. I did look at the code first and I
did find the answer to one of my questions, (the part for the name) but
still the smtpd refuse connections for tls exchange.
Just for the archive, the man smtpd on the configuration have:
listen on interface [port port] [tls | smtps] [certificate name] [enable
auth]
where I was failing for the name part ONLY on the [certificate name] was
that I use the full file name as dc0.crt instead of dc0 only as the code
does add the .crt part to the name. But that address only the name part
of the configuration I had errors with. It doesn't fix the issue I can't
get the system to work with tls.
Most likely it is something stupid, but I can't se it never th eless.
Best,
Daniel
