On 02/28/2016 07:05 PM, Lucius Rizzo wrote: > You have a few options. All involve the use of openssl to generate key or csr > > See https://www.madboa.com/geek/openssl/ > > 1. Create a self signed cert and point Postfix to use ssl key and pem which > was self generated > 2. Use letsencrypt (HIGHLY recommended). IMHO, the introduction of > letsencrypt will kill the basic ssl cert signed market. > 3. Get a signed cert from namecheap. (You can alway buy a throwaway domain > and add positivessl cert for a year for US $1.99 >
I use certs from cacert.org - free for my postfix and dovecot certs. I'm eventually planning on switching to letsencrypt but cacert.org is one source of free certs. --- Marina Brown > ________________________________________ > From: [email protected] <[email protected]> on behalf > of Marco Beishuizen <[email protected]> > Sent: Sunday, February 28, 2016 5:35 PM > To: [email protected] > Subject: create keys and certificates for postfix/tls > > Hi, > > I'm trying to make Postfix work with TLS enabled. Looks like I need some > certificates and keys. How do create them on NetBSD 7.0? > > Thanks in advance, > Marco > > -- > You've been leading a dog's life. Stay off the furniture. >
