What should I use keylength and digest when creating both the CA cert and the smtpd cert? Should I leave the passwords blank? Thanks
On Sat, Jan 2, 2010 at 6:04 PM, Patrick Ben Koetter <[email protected]>wrote: > * froinds J <[email protected]>: > > Ah you so were right. > > I set up postfix to use the certs that cyrus-imapd creates by default and > > everything works now. > > What's weird is that cyrus-imapd was using the same certs postfix was > using > > and it didn't complain. I was able to receive email when I turned off TSL > > for postfix. > > So I guess the problem is that I'm not creating good self-signed > > certificates. I've done this more than 20 times following every source on > > the internet including the guides in postfix.org. My certs have always > > worked with cyrus-imapd and apache, but I always run into trouble with > > postfix. > > > > Can you provide a set of instructions to follow? > > You can use TinyCA <http://tinyca.sm-zone.net/> to setup a CA and the > required > certificates. Then configure Postfix. When your done, send "postconf -n" > output and we will have a look at the config. > > p...@rick > > > > > > > > Thanks so much. > > > > > > > > On Sat, Jan 2, 2010 at 4:02 PM, Patrick Ben Koetter <[email protected] > >wrote: > > > > > * froinds J <[email protected]>: > > > > Oops! I forgot to check SSL. > > > > My client now seems to start a TLS session and still nothing. Here is > the > > > > log with the SSL error. > > > > > > TLS log. My favourite waste of time. Everything is layed out so > clear... :/ > > > > > > There are two lines in your log that make me think (think, not know!) > that > > > your client doesn't like the server certificate. Read below. > > > > > > > > -- > All technical questions asked privately will be automatically answered on > the > list and archived for public access unless privacy is explicitely required > and > justified. > > saslfinger (debugging SMTP AUTH): > <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/> >
