Date: Tue, 05 May 2015 18:26:35 -0500 From: Noel <noeldude@gmail.com> To: Ernie Luzar <luzar722@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: postfix with TLS Message-ID: <554951AB.7010802@gmail.com> In-Reply-To: <55492DDB.2020501@gmail.com> References: <5546444B.2060002@gmail.com> <55464916.9030305@FreeBSD.org> <55464FC2.70709@gmail.com> <55466590.2090607@FreeBSD.org> <55492DDB.2020501@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/5/2015 3:53 PM, Ernie Luzar wrote: > Matthew Seaman wrote: >> On 03/05/2015 17:41, Ernie Luzar wrote: >> =20 >>> Is the ability builtin to create SSL keys and certs? >>> =20 >> >> No. That's where you'ld use openssl. >> >> Mathew >> >> >> =20 > On my system 10.1 system 'locate openssl' shows /usr/bin/openssl. > So I take that to mean that 'yes' the ability is builtin to the > FreeBSD base to > create the SSL keys and certs needed by postfix. > > No need to 'pkg install openssl', correct? Correct. openssl is part of the base. > > Do some TLS parameters have to be added to postfix's main.cf file ? Yes, although TLS is supported by the package, it is not enabled by default. http://www.postfix.org/TLS_README.html#quick-start > > The openssl comand has to be run to create SSL keys and certs > needed by postfix for TLS? The quick-start section of TLS _README gives examples for creating a self-signed certificate using openssl, and shows the common settings required in postfix to enable TLS. The remaining postfix TLS settings -- and there's a lot of them -- have reasonable defaults and seldom need adjusting. http://www.postfix.org/TLS_README.html#quick-start -- Noel Jones
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?554951AB.7010802>