Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 05 May 2015 18:26:35 -0500
From:      Noel <noeldude@gmail.com>
To:        Ernie Luzar <luzar722@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: postfix with TLS
Message-ID:  <554951AB.7010802@gmail.com>
In-Reply-To: <55492DDB.2020501@gmail.com>
References:  <5546444B.2060002@gmail.com> <55464916.9030305@FreeBSD.org> <55464FC2.70709@gmail.com> <55466590.2090607@FreeBSD.org> <55492DDB.2020501@gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On 5/5/2015 3:53 PM, Ernie Luzar wrote:
> Matthew Seaman wrote:
>> On 03/05/2015 17:41, Ernie Luzar wrote:
>> =20
>>> Is the ability builtin to create SSL keys and certs?
>>>    =20
>>
>> No.  That's where you'ld use openssl.
>>
>>     Mathew
>>
>>
>>  =20
> On my system 10.1 system 'locate openssl'  shows /usr/bin/openssl.
> So I take that to mean that 'yes' the ability is builtin to the
> FreeBSD base to
> create the SSL keys and certs needed by postfix.
>
> No need to 'pkg install openssl', correct?

Correct.  openssl is part of the base.

>
> Do some TLS parameters have to be added to postfix's main.cf file ?

Yes, although TLS is supported by the package, it is not enabled by
default.
http://www.postfix.org/TLS_README.html#quick-start

>
> The openssl comand has to be run to create SSL keys and certs
> needed by postfix for TLS?

The quick-start section of TLS _README gives examples for creating a
self-signed certificate using openssl, and shows the common settings
required in postfix to enable TLS.  The remaining postfix TLS
settings -- and there's a lot of them -- have reasonable defaults
and seldom need adjusting.
http://www.postfix.org/TLS_README.html#quick-start



  -- Noel Jones




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?554951AB.7010802>