Re: StartTLS frustrations
Take a peek inside the CA and cert files using openssl x509 -inform pem -in [file] -noout -text and use openssl rsa with the same arguments to peek in the private key, and make sure they contain what you expect they should contain.
Let us know if you see anything peculiar inside or not.
Matthew.On Apr 5, 2013 7:47 AM, "Peter L. Berghold" <peter@...> wrote:
Gettting very frustrated with trying to set up TLS using a StartSSL (StartCom)
Here are the applicable lines (sanitized of course) I used to set this
smtpd_use_tls = yes
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
This is aping everything I've read on the topic on a variety of sites.
The error I'm seeing in the maillog is:
Apr 5 10:43:36 myhostname postfix/smtpd: warning: No server certs available. TLS won't be enabled
I've double checked the files (especially the cert file) and they are all where
I expect them to be. What in the world am I missing?
Peter L. Berghold peter@...
Unix Professional, Beer Brewer, Dog Trainer and Patriot