Hello David and Gerald, Thank you for the answers. I'm reading the documentation and we need to adjust the smtp_tls_CAfile indeed. I will adjust this as soon as possible and I will report the result here.
Best regards Fabio Em sex., 17 de set. de 2021 às 11:50, Gerald Galster <[email protected]> escreveu: > > I'm sorry if this is a frequent question, but we have deployed a new > Postfix server and we have enabled Opportunistic TLS. We have noticed that > even with a valid certificate when connecting to gmail servers the > Untrusted TLS connection is being displayed. > > > > I have updated the ca-certificate package, but the issue is still the > same. > > > Does postfix use the correct file? > > (RHEL example) > smtpd_tls_CAfile = /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem > smtp_tls_CAfile = /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem > > Best regards > Gerald -- Atenciosamente, Fabio S. Schmidt https://respirandolinux.com.br
