Date: Wed, 06 May 2015 11:14:08 -0400 From: Jon Radel <jon@radel.com> To: Ernie Luzar <luzar722@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: postfix with TLS Message-ID: <554A2FC0.50801@radel.com> In-Reply-To: <554A1D43.1080600@gmail.com> References: <5546444B.2060002@gmail.com> <55464916.9030305@FreeBSD.org> <55464FC2.70709@gmail.com> <55466590.2090607@FreeBSD.org> <55492DDB.2020501@gmail.com> <554951AB.7010802@gmail.com> <554A1D43.1080600@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a cryptographically signed message in MIME format. --------------ms060909070007060102020007 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: quoted-printable On 5/6/15 9:55 AM, Ernie Luzar wrote: > =20 > > > Thank you noel for your help so far. That quick-start instructions= are > all most useless because they don't make sense Really? You seem to have come to all the correct conclusions based on th= em! > and reference a script which is not available. You mean CA.pl? I'd suggest making a self-signed certificate and being=20 done with it. Skip setting up your own CA until you're more confident=20 with this stuff. And I hardly think it's Postfix's fault that the base=20 install of FreeBSD does indeed appear to not install CA.pl with openssl. > First of all the "Self-signed server certificate" section says this= > "In the examples below, user input is shown in bold font, and a "#"= > prompt indicates a super-user shell." > But there is no bold font, just blue links and I can only guess tha= t > what there trying to say about ""#" prompt indicates a super-user > shell" Well, arguably the whole thing should be bold. The links are merely=20 links to elsewhere in the documentation when it explains that that=20 option does. Execute those commands as root. I'd suggest cutting and pasting as=20 typos could get ugly. > is a indirect way of saying this. > Copy the code shown in the "Self-signed server certificate" section= and > paste it in a newly created blank file. > Insert "#! /bin/sh" as the first line of the file and remove all th= e > "#" > Save and exec. This should also work. > As I read the quick-start instructions is see that the first part = of > the instructions in the "Private Certification Authority" section i= s > based on a perl script called CA.pl. I have perl installed and the > locate command does not find it. It generally ships with openssl. The FreeBSD 10.1 machine I just=20 checked doesn't have it either, but it's quite a standard file. > Upon closer re-reading of the quick-start instructions it almost s= eems > that what is shown under the "Self-signed server certificate" sect= ion > is an newer and quicker method of accomplishing what is shown in th= e > "Private Certification Authority" section. You do one or the other = but > not both. > =20 Newer: no. Quicker: yes. Alternative methods of which you want to=20 do only one: most certainly. --Jon Radel jon@radel.com --------------ms060909070007060102020007 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIKrzCC BK8wggOXoAMCAQICEQDgI8sVEoNTia1hbnpUZ2shMA0GCSqGSIb3DQEBCwUAMG8xCzAJBgNV BAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJu YWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3QwHhcN MTQxMjIyMDAwMDAwWhcNMjAwNTMwMTA0ODM4WjCBmzELMAkGA1UEBhMCR0IxGzAZBgNVBAgT EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RP IENBIExpbWl0ZWQxQTA/BgNVBAMTOENPTU9ETyBTSEEtMjU2IENsaWVudCBBdXRoZW50aWNh dGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAibEN2npTGU5wUh28VqYGJre4SeCW51Gr8fBaE0kVo7SMG2C8elFCp3mMpCLfF2FOkdV2 IwoU00oCf7YdCYBupQQ92bq7Fv6hh6kuQ1JDFnyvMlDIpk9a6QjYz5MlnHuI6DBk5qT4VoD9 KiQUMxeZrETlaYujRgZLwjPU6UCfBrCxrJNAubUIkzqcKlOjENs9IGE8VQOO2U52JQIhKfqj fHF2T+7hX4Hp+1SA28N7NVK3hN4iPSwwLTF/Wb1SN7AzaS1D6/rWpfGXd2dRjNnuJ+u8pQc4 doykqTj/34z1A6xJvsr3c5k6DzKrnJU6Ez0ORjpXdGFQvsZAP8vk4p+iIQIDAQABo4IBFzCC ARMwHwYDVR0jBBgwFoAUrb2YejS0Jvf6xCZU7wO94CTLVBowHQYDVR0OBBYEFJJha4LhoqCq T+xn8cKj97SAAMHsMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwRAYDVR0fBD0w OzA5oDegNYYzaHR0cDovL2NybC51c2VydHJ1c3QuY29tL0FkZFRydXN0RXh0ZXJuYWxDQVJv b3QuY3JsMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy dXN0LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAGypurFXBOquIxdjtzVXzqmthK8AJECOZD8Vm am+x9bS1d14PAmEA330F/hKzpICAAPz7HVtqcgIKQbwFusFY1SbC6tVNhPv+gpjPWBvjImOc Uvi7BTarfVil3qs7Y+Xa1XPv7OD7e+Kj//BCI5zKto1NPuRLGAOyqC3U2LtCS5BphRDbpjc0 6HvgARClnMo6x59PiDRuimXQGoq7qdzKyjbR9PzCZCk1r9axp3ER0gNDsY8+muyeMlP0dpLK hjQHuSzK5hxK2JkNwYbikJL7WkJqIyEQ6WXH9dW7fuqMhSACYurROgcsWcWZM/I4ieW26RZ6 H3kU9koQGib6fIr7mzCCBfgwggTgoAMCAQICEHNU5Tx9a7TNDWBpDfzOARswDQYJKoZIhvcN AQELBQAwgZsxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMUEwPwYDVQQDEzhD T01PRE8gU0hBLTI1NiBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBD QTAeFw0xNTAzMzAwMDAwMDBaFw0xODAzMjkyMzU5NTlaMIH6MQswCQYDVQQGEwJVUzEOMAwG A1UEERMFMjIxNTAxCzAJBgNVBAgTAlZBMRQwEgYDVQQHEwtTcHJpbmdmaWVsZDEaMBgGA1UE CRMRNjkxNyBSaWRnZXdheSBEci4xFTATBgNVBAoTDEpvbiBULiBSYWRlbDEyMDAGA1UECxMp SXNzdWVkIHRocm91Z2ggSm9uIFQuIFJhZGVsIEUtUEtJIE1hbmFnZXIxHzAdBgNVBAsTFkNv cnBvcmF0ZSBTZWN1cmUgRW1haWwxEjAQBgNVBAMTCUpvbiBSYWRlbDEcMBoGCSqGSIb3DQEJ ARYNam9uQHJhZGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN7VG2H2 FtCpo4Of74Ll1UBAf2czZUfeg9rNm587CYgbZJcj+/c+56ZxBDcmSGalDTqBizPJduRMIuyq 8R9qViPzWN238rmVPhpV2PQt8khbJNxT3lXauwK4exK+f8+chywS1eDnesK2pLgQ60n27etj aE/xgKLLPXJjeaficomz3cwcbgCRdi5WnN9ogAMRNxWsD6trO9cR+cMldcNln1m65XXTrIii 86+FhZKVpW7yetIcmNcVkjYhfCAh5UGgyKHfK7osuPXgj9h1nSsgDwr5Q0H41bpGLe7AdcFu viOHdmqSuohVSt/VV7JuF2slx2pd0w0eMoNKUKhrFhFsvLUCAwEAAaOCAdUwggHRMB8GA1Ud IwQYMBaAFJJha4LhoqCqT+xn8cKj97SAAMHsMB0GA1UdDgQWBBTP1gHXRYR8E0eyRHCj/S+H yppC7DAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD BAYIKwYBBQUHAwIwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwUwKzApBggrBgEFBQcCARYd aHR0cHM6Ly9zZWN1cmUuY29tb2RvLm5ldC9DUFMwXQYDVR0fBFYwVDBSoFCgToZMaHR0cDov L2NybC5jb21vZG9jYS5jb20vQ09NT0RPU0hBMjU2Q2xpZW50QXV0aGVudGljYXRpb25hbmRT ZWN1cmVFbWFpbENBLmNybDCBkAYIKwYBBQUHAQEEgYMwgYAwWAYIKwYBBQUHMAKGTGh0dHA6 Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1NIQTI1NkNsaWVudEF1dGhlbnRpY2F0aW9uYW5k U2VjdXJlRW1haWxDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNv bTAYBgNVHREEETAPgQ1qb25AcmFkZWwuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBLU976AGA/ 5JD9rkjl7vNfRGDQOEffvwseVmLEmBLot8I8vZ50oxRCLdOH0Zd8uN17J5a4xajP3blnMEdw /CQF4f6Iz8ASG7QOGLSSin+nrqD20Q8lRn8oOyrF100OsPRPKmff/fekdOMkQOrJ3MCDAHQ2 fxuWkxupLBP6PzC49qR8uyPVxIPNetMsuyYhAHtq4DJphd1bJbxirDffqstQK+M5R+eo47KN WyJ5PD/Q8ug4clobJ7P5W1Xh7KLqnVI2JffYD5+/EEzMpAsKiQTjdxci1z06TOr/9/Z+68an Xuvyambg6OMzkTaTCyD1sE9QExHj+zGiwpUufSj2vGWjMYIEMTCCBC0CAQEwgbAwgZsxCzAJ BgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZv cmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMUEwPwYDVQQDEzhDT01PRE8gU0hBLTI1 NiBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQQIQc1TlPH1rtM0N YGkN/M4BGzAJBgUrDgMCGgUAoIICVTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqG SIb3DQEJBTEPFw0xNTA1MDYxNTE0MDhaMCMGCSqGSIb3DQEJBDEWBBT75isUBrL1I5GE9ijN RxDKxIZbJzBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYI KoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqG SIb3DQMCAgEoMIHBBgkrBgEEAYI3EAQxgbMwgbAwgZsxCzAJBgNVBAYTAkdCMRswGQYDVQQI ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9E TyBDQSBMaW1pdGVkMUEwPwYDVQQDEzhDT01PRE8gU0hBLTI1NiBDbGllbnQgQXV0aGVudGlj YXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQQIQc1TlPH1rtM0NYGkN/M4BGzCBwwYLKoZIhvcN AQkQAgsxgbOggbAwgZsxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0 ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMUEwPwYD VQQDEzhDT01PRE8gU0hBLTI1NiBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBF bWFpbCBDQQIQc1TlPH1rtM0NYGkN/M4BGzANBgkqhkiG9w0BAQEFAASCAQAeeMq1tP99YXWL xKq79kQSI11khLfoK2E1/7mMV7suW1hzV/qb3xJkZczjeJ41TDXYNs1LdGIiYsoifqz3MEz3 Upbp5N+FFfqcJU7+IcCCu5borRzM1c6Js2yYA2uTHrzkgs27yV079AJZp8I9AstKFLuH86Vw GI9MFuc8G5zwAROFiA1uiqdwxXdmUoFsP1/PGW9nZHnoXR3aOEqomAalViUWdOJrzCaW2Mwv fSAo8qT5mprmz0XqfKmEJbUBUnT0r70xs9IIcI/gU1yXlQn3swocDUHrgSH0PTWC8XaPW44+ dWF7rMeS3k9yXIG7tFZMm8cMEnE3gG6XD1a96RXJAAAAAAAA --------------ms060909070007060102020007--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?554A2FC0.50801>