On Wed, Mar 16, 2022 at 12:16:23AM +0100, Thomas Bohl wrote: > >> > IIUC the client server needs the CA Certificate that was used to >> > generate the SMTP-server Certificate in its /etc/ssl/cert.pem (on >> > OpenBSD). >> >> Thanks. I did try this but it's still not working out. >> > >> Download the server certificate and append it to our /etc/ssl/certs.pem >> >> client# scp relay-server:/etc/ssl/server.crt /tmp/ >> client# file /tmp/server.crt >> /tmp/server.crt: PEM certificate >> client# cat /tmp/server.crt >> /etc/ssl/certs.pem > >Not the cert of the server but, like he said, the CACert.pem
The certificate is self-signed. Sorry, I should have mentioned that. >(And now you have to do that every time you update the system. sysmerge works wonders on OpenBSD. > Just go with free "ACME certificate".) Not possible.
