On Fri, Dec 17, 2010 at 04:53:35AM +0530, Sunil Nimmagadda wrote: > I am new to OpenBSD and smtpd, please ignore if this is too trivial to > inform. Smtpd checks for two files instead of one when no certificate > name is specified for "listen on". Though one of the examples shows > exactly what has to be done, I thought it helps mentioning explicitly. >
after some dicussion with gilles, we committed the diff below. hope that's all clear now, and thanks for the diff. jmc Index: smtpd.conf.5 =================================================================== RCS file: /cvs/src/usr.sbin/smtpd/smtpd.conf.5,v retrieving revision 1.36 diff -u -r1.36 smtpd.conf.5 --- smtpd.conf.5 29 Oct 2010 09:16:08 -0000 1.36 +++ smtpd.conf.5 18 Dec 2010 22:24:02 -0000 @@ -110,15 +110,28 @@ or SMTPS .Pq Ic smtps , by default on port 465. +Host certificates may be used for these connections, +and are searched for in the +.Pa /etc/mail/certs +directory. +If +.Ic certificate +is specified, +a certificate +.Ao Ar name Ac Ns .crt +and key +.Ao Ar name Ac Ns .key +are searched for. +If no +.Ic certificate +is specified, +the default interface name is instead used, +for example +.Pa fxp0.crt +and +.Pa fxp0.key . Creation of certificates is documented in .Xr starttls 8 . -If no certificate -.Ar name -is specified, the -.Pa /etc/mail/certs -directory is searched for a file named by joining -the interface name with a .crt extension, e.g.\& -.Pa /etc/mail/certs/fxp0.crt . .Pp If the .Ic enable auth
