On Sat, Jul 11, 2015 at 09:23:52PM -0700, Steve Jenkins wrote:

> http://www.stevejenkins.com/blog/2011/09/how-to-use-a-free-startssl-certificate-in-postfix-for-ssltls/

Perhaps mention that all the fuss is for when the certificate's purpose is to enable submission on port 587, not just TLS on port 25. For the latter, you don't need a certificate from any CA, a self-signed one will do fine:

    http://www.postfix.org/TLS_README.html#quick-start

Spell check the document, there are some typos.

The private key should be generated as root, with "umask 077"; only the development version of OpenSSL 1.1.0 strives to create key files that are not world-readable.

    # umask 077
    # host=$(uname -n)   # Season to taste
    # openssl req -new \
        -subj "/CN=$host" -out $host-csr.pem \
        -newkey rsa:2048 -nodes -keyout $host-key.pem

The "chmod" after the fact is too late, and group read permissions are suboptimal.

My offline copies of the key are password protected:

    # openssl pkey -in $host-key.pem -aes128 -out $host-key-aes128.pem

This prompts for a passphrase (don't forget it); then save the encrypted, not the cleartext key. The certificate content is public and can be saved as-is.

Instead of "$host.crt" I prefer the much less Windows-specific "$host-cert.pem".

You say certificates are about trust, and the first thing you do is download an unverified copy of "trusted" certs:

    # wget --no-check-certificate \
        https://www.startssl.com/certs/ca-bundle.pem \
        -O startssl-ca-bundle.pem

I would not recommend that "--no-check-certificate". Many users will already have the StartSSL cert in the default OpenSSL trusted CA locations.

That "bundle" contains three self-signed root CAs, and a pile of intermediate CA certs. Most users need just the intermediate CA that issued their server certificate and perhaps also the root:

    $ openssl crl2pkcs7 -nocrl -certfile ca-bundle.pem |
        openssl pkcs7 -print_certs -noout
    subject=/C=IL/O=StartCom Ltd./CN=StartCom Certification Authority G2
    issuer=/C=IL/O=StartCom Ltd./CN=StartCom Certification Authority G2

    subject=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
    issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority

    subject=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
    issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
    ...

The intermediate CA certificate needs to be appended to the server certificate file (if not already present), as explained in TLS_README:

    http://www.postfix.org/TLS_README.html#server_cert_key

The main.cf comment about TLS for SASL is wrong:

    # Require senders to use TLS
    smtpd_tls_auth_only = yes

This requires submission users sending outbound mail to use TLS in order to authenticate. It does not require TLS per se either from non-submission senders, or from submission senders in "mynetworks" who don't need to authenticate.

As for certificate bundles, you don't need one for receiving mail, provided the server certificate chain file includes all the required intermediate CAs:

    # Empty (default) is just fine:
    # smtpd_tls_CAfile =

And even the SMTP client (outbound mail) does not need to preload hundreds of questionable CAs.

    # Empty (default) is best:
    # smtp_tls_CAfile =

With smtp_tls_security_level = may, the certs are ignored anyway. If you really feel compelled to trust some of the better known public CAs, throw just their certs into some root-owned, not world-writable directory, and run c_rehash(1) there. Then set:

    # Specify directory with CAs you've personally decided to
    # trust.
    smtp_tls_CApath = /some/where

-- 
	Viktor.
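Added example (mine, not from Viktor's post or the blog it reviews): a POSIX shell script that generates the key and CSR with umask 077 in force as above, checks that the resulting key file has no group/other bits, and appends the intermediate CA to the server certificate file only if that block is not already there. The function names, the permission check and the openssl verify step are my own assumptions; the PEM blocks used to exercise it are constructed stand-ins.

```shell
#!/bin/sh
# Added example, not from the post or the blog it reviews. Function names,
# the ls-based permission check and verify_chain are my own; the openssl
# req invocation follows the post.

# Create key + CSR with umask 077 in force *while* openssl writes the key,
# so the file is born mode 0600 instead of being chmod'ed afterwards.
gen_key_and_csr() {
    host=$1
    ( umask 077 && openssl req -new -subj "/CN=$host" \
        -out "$host-csr.pem" -newkey rsa:2048 -nodes \
        -keyout "$host-key.pem" )
}

# Succeed only if the file has no group/other bits at all (rw-------).
# Parses ls(1) rather than stat(1), whose flags differ between GNU and BSD.
key_perms_ok() {
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Number of PEM certificate blocks in a file: the server cert file Postfix
# reads should hold the leaf first, then the intermediate CA(s).
cert_count() {
    grep -c -- '-----BEGIN CERTIFICATE-----' "$1"
}

# Append the intermediate CA to the server certificate file, but only when
# that exact PEM block is not already in it (the "if not already present").
append_intermediate() {
    cert=$1 inter=$2
    inter_body=$(sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' \
        "$inter" | tr -d '\n')
    cert_body=$(tr -d '\n' < "$cert")
    case "$cert_body" in
        *"$inter_body"*) return 0 ;;     # already there, leave the file alone
    esac
    cat "$inter" >> "$cert"
}

# Check the finished chain against one root you chose to trust (no bundle):
# the chain file is offered as untrusted intermediates, the root as the
# sole trust anchor.
verify_chain() {
    root=$1 chain=$2
    openssl verify -CAfile "$root" -untrusted "$chain" "$chain"
}
```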