On 14/5/25 01:07, Matus UHLAR - fantomas via Postfix-users wrote:
>> >> On 14/5/25 00:08, Matus UHLAR - fantomas via Postfix-users wrote:
>> >> >
>> >> > are you sure the proper smtpd_tls_cert_file and
>> smtpd_tls_key_file
>> >> > are
>> >> > configured in postfix configuration?
>
>> > On Wed, May 14, 2025 at 12:17:29AM +1000, Matthew J Black via
>> Postfix-users wrote:
>> >
>> >> Triple-checked it :-)
>> >> And as I said, I can't find the old certs on the box anywhere,
>> so even
>> >> if they were incorrectly set then there's nothing to present :-)
>
>> On 14/5/25 00:48, Viktor Dukhovni via Postfix-users wrote:
>> > There's no magic, Postfix loads certificates and keys from the
>> > configured locations.
>> >
>> > https://www.postfix.org/DEBUG_README.html#mail
>
> On 14.05.25 00:56, Matthew J Black via Postfix-users wrote:
>> Yeah, I realise that - that's why it's so weird! :-)
>>
>> (Which is to say that I've stuffed things up somewhere, but I'll be a
>> disney proncess if I can work out where!)
>
> any reverse proxy between you and server?
> no multiple postfix instances used?
>
Nope, no reverse proxy - well, yes there is, for some of the (externally
facing) domains, but the problem also exists for the purley internal
domains (which don't go via the haproxy box) so I think that that can be
ruled out - if fact I did rule it out. :-)
However, I also checked the haproxy box througherly and again, could
find no trace of any cache nor the old TLS certs. The haproxy box has
also been rebooted in an effort to definitely rule it out.
But if I'm wrong them I'm wrong - so if there are suggesting in that
area I'm more than happy to hear them and try them.
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
