From owner-freebsd-questions@FreeBSD.ORG Wed May 6 14:54:23 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 23B11773 for ; Wed, 6 May 2015 14:54:23 +0000 (UTC) Received: from mail-yk0-x231.google.com (mail-yk0-x231.google.com [IPv6:2607:f8b0:4002:c07::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D002010B2 for ; Wed, 6 May 2015 14:54:22 +0000 (UTC) Received: by ykec202 with SMTP id c202so3108071yke.2 for ; Wed, 06 May 2015 07:54:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seibercom.net; s=google; h=date:from:to:subject:message-id:in-reply-to:references:reply-to :organization:mime-version:content-type:content-transfer-encoding; bh=47LwCiR0GsA7RuUzQApSy275OAa+Q/Zs0RJOC5+KjaQ=; b=H14XY2sDmPBLBJ9yI0EL+LQkdrHIrLuUtyUWh2J45r2UpVspudaY/lOxb9XMZ2tXnD 4emgWXQjQMFdvtEcwoHm3y2seAW0iA5p+UKTZKO48vI4tJ06UM1f2dhDVs4PykpK0tiO udRriXEn1HXKVt6Rr/m/AVAaD1iX6LVNPZfNU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:reply-to:organization:mime-version:content-type :content-transfer-encoding; bh=47LwCiR0GsA7RuUzQApSy275OAa+Q/Zs0RJOC5+KjaQ=; b=cRDA9VA/9gLTiQGA7JDW7TJIMdEoRPtwKM+f4HA8GTDedpzxion9QdKJw+T/GTc/Ua FgbXazA/cC10YzGweiLTjTsSoQJK4We29aNYQ7+YKsKuBQP4jabd9W9Crd7SeZMGVNiQ mvQQR2o/OlRM4QLb1uvZ8GPVwPnWOAlwZkJdPZ5z5XGh9+X8ug7DhFHk7gxQBVJqQKBB RIYLmmgLDgSrhFiTCpsdnNFJD0oT34Taci3tw4JAhW4+WtUA4mqX3aSXyqnBflsrx152 GMYQdEfcJwAiLueS3KZ8O2LMf+ufYQ1B2pfFs+w3olq6uwOuct0Z2FmlNdbHA5fiU1Ax rqNA== X-Gm-Message-State: ALoCoQk6VO8ffy8ZOj0TUlU6IU66LYiXw+BmubQOdfjFqiU4QnCESitzOUxjQ98al2Eo6SXX9Gxr X-Received: by 10.170.168.133 with SMTP id k127mr24781756ykd.66.1430924061515; Wed, 06 May 2015 07:54:21 -0700 (PDT) Received: from scorpio.seibercom.net (cpe-174-109-23-221.nc.res.rr.com. [174.109.23.221]) by mx.google.com with ESMTPSA id 17sm1517266yhw.6.2015.05.06.07.54.21 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 06 May 2015 07:54:21 -0700 (PDT) Received: from localhost (cpe-174-109-23-221.nc.res.rr.com [174.109.23.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by scorpio.seibercom.net (Postfix) with ESMTPSA id 3lhgtN498Tz3Hmm8 for ; Wed, 6 May 2015 10:54:20 -0400 (EDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.98.6 at scorpio.seibercom.net Date: Wed, 6 May 2015 10:54:19 -0400 From: Jerry To: FreeBSD FreeBSD Subject: Re: postfix with TLS Message-ID: <20150506105419.791b3fb7@seibercom.net> In-Reply-To: <554A1D43.1080600@gmail.com> References: <5546444B.2060002@gmail.com> <55464916.9030305@FreeBSD.org> <55464FC2.70709@gmail.com> <55466590.2090607@FreeBSD.org> <55492DDB.2020501@gmail.com> <554951AB.7010802@gmail.com> <554A1D43.1080600@gmail.com> Reply-To: FreeBSD FreeBSD Organization: seibercom NET X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.27; amd64-portbld-freebsd10.1) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 May 2015 14:54:23 -0000 On Wed, 06 May 2015 09:55:15 -0400, Ernie Luzar stated: > Thank you noel for your help so far. That quick-start instructions are > all most useless because they don't make sense > and reference a script which is not available. > First of all the "Self-signed server certificate" section says this > "In the examples below, user input is shown in bold font, and a "#" > prompt indicates a super-user shell." > But there is no bold font, just blue links and I can only guess that > what there trying to say about ""#" prompt indicates a super-user > shell" > is a indirect way of saying this. > Copy the code shown in the "Self-signed server certificate" section and > paste it in a newly created blank file. > Insert "#! /bin/sh" as the first line of the file and remove all the > "#" > Save and exec. > As I read the quick-start instructions is see that the first part of > the instructions in the "Private Certification Authority" section is > based on a perl script called CA.pl. I have perl installed and the > locate command does not find it. > Upon closer re-reading of the quick-start instructions it almost seems > that what is shown under the "Self-signed server certificate" section > is an newer and quicker method of accomplishing what is shown in the > "Private Certification Authority" section. You do one or the other but > not both. > What is your thoughts on that? > > References > > 1. http://www.postfix.org/TLS_README.html#quick-start > 2. http://www.postfix.org/TLS_README.html#quick-start They all make perfectly good sense and are time test and approved. No disrespect, but I question yourr credentials for attempting to operate an MTA. There are several publications describing the fundamentals behind "openssl" and various "MTAs", etcetera. You might want to brush up on them before posting again. As a bit of advice, I would highly recommend that you NOT post on the "postfix" forum. Wietse would chew you up alive. -- Jerry