Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 06 May 2015 11:14:08 -0400
From:      Jon Radel <jon@radel.com>
To:        Ernie Luzar <luzar722@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: postfix with TLS
Message-ID:  <554A2FC0.50801@radel.com>
In-Reply-To: <554A1D43.1080600@gmail.com>
References:  <5546444B.2060002@gmail.com> <55464916.9030305@FreeBSD.org> <55464FC2.70709@gmail.com> <55466590.2090607@FreeBSD.org> <55492DDB.2020501@gmail.com> <554951AB.7010802@gmail.com> <554A1D43.1080600@gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
This is a cryptographically signed message in MIME format.

--------------ms060909070007060102020007
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: quoted-printable

On 5/6/15 9:55 AM, Ernie Luzar wrote:
>   =20
>
>
>     Thank you noel for your help so far. That quick-start  instructions=
 are
>     all most useless because they don't make sense
Really?  You seem to have come to all the correct conclusions based on th=
em!
>     and reference a script which is not available.
You mean CA.pl?  I'd suggest making a self-signed certificate and being=20
done with it.  Skip setting up your own CA until you're more confident=20
with this stuff.  And I hardly think it's Postfix's fault that the base=20
install of FreeBSD does indeed appear to not install CA.pl with openssl.
>     First of all the "Self-signed server certificate" section says this=

>     "In the examples below, user input is shown in bold font, and a "#"=

>     prompt indicates a super-user shell."
>     But there is no bold font, just blue links and I can only guess tha=
t
>     what there trying to say about ""#" prompt indicates a super-user
>     shell"
Well, arguably the whole thing should be bold.  The links are merely=20
links to elsewhere in the documentation when it explains that that=20
option does.

Execute those commands as root.  I'd suggest cutting and pasting as=20
typos could get ugly.
>     is a indirect way of saying this.
>     Copy the code shown in the "Self-signed server certificate" section=
 and
>     paste it in a newly created blank file.
>     Insert "#! /bin/sh" as the first line of the file and remove all th=
e
>     "#"
>     Save and exec.
This should also work.
>     As I read the quick-start  instructions is see that the first part =
of
>     the instructions in the "Private Certification Authority" section i=
s
>     based on a perl script called CA.pl. I have perl installed and the
>     locate command does not find it.
It generally ships with openssl.  The FreeBSD 10.1 machine I just=20
checked doesn't have it either, but it's quite a standard file.
>     Upon closer re-reading of the quick-start  instructions it almost s=
eems
>     that what is shown under the  "Self-signed server certificate" sect=
ion
>     is an newer and quicker method of accomplishing what is shown in th=
e
>     "Private Certification Authority" section. You do one or the other =
but
>     not both.
>   =20
Newer:  no.   Quicker:  yes.  Alternative methods of which you want to=20
do only one:  most certainly.

--Jon Radel
jon@radel.com


--------------ms060909070007060102020007
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIKrzCC
BK8wggOXoAMCAQICEQDgI8sVEoNTia1hbnpUZ2shMA0GCSqGSIb3DQEBCwUAMG8xCzAJBgNV
BAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJu
YWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3QwHhcN
MTQxMjIyMDAwMDAwWhcNMjAwNTMwMTA0ODM4WjCBmzELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RP
IENBIExpbWl0ZWQxQTA/BgNVBAMTOENPTU9ETyBTSEEtMjU2IENsaWVudCBBdXRoZW50aWNh
dGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAibEN2npTGU5wUh28VqYGJre4SeCW51Gr8fBaE0kVo7SMG2C8elFCp3mMpCLfF2FOkdV2
IwoU00oCf7YdCYBupQQ92bq7Fv6hh6kuQ1JDFnyvMlDIpk9a6QjYz5MlnHuI6DBk5qT4VoD9
KiQUMxeZrETlaYujRgZLwjPU6UCfBrCxrJNAubUIkzqcKlOjENs9IGE8VQOO2U52JQIhKfqj
fHF2T+7hX4Hp+1SA28N7NVK3hN4iPSwwLTF/Wb1SN7AzaS1D6/rWpfGXd2dRjNnuJ+u8pQc4
doykqTj/34z1A6xJvsr3c5k6DzKrnJU6Ez0ORjpXdGFQvsZAP8vk4p+iIQIDAQABo4IBFzCC
ARMwHwYDVR0jBBgwFoAUrb2YejS0Jvf6xCZU7wO94CTLVBowHQYDVR0OBBYEFJJha4LhoqCq
T+xn8cKj97SAAMHsMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwRAYDVR0fBD0w
OzA5oDegNYYzaHR0cDovL2NybC51c2VydHJ1c3QuY29tL0FkZFRydXN0RXh0ZXJuYWxDQVJv
b3QuY3JsMDUGCCsGAQUFBwEBBCkwJzAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
dXN0LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAGypurFXBOquIxdjtzVXzqmthK8AJECOZD8Vm
am+x9bS1d14PAmEA330F/hKzpICAAPz7HVtqcgIKQbwFusFY1SbC6tVNhPv+gpjPWBvjImOc
Uvi7BTarfVil3qs7Y+Xa1XPv7OD7e+Kj//BCI5zKto1NPuRLGAOyqC3U2LtCS5BphRDbpjc0
6HvgARClnMo6x59PiDRuimXQGoq7qdzKyjbR9PzCZCk1r9axp3ER0gNDsY8+muyeMlP0dpLK
hjQHuSzK5hxK2JkNwYbikJL7WkJqIyEQ6WXH9dW7fuqMhSACYurROgcsWcWZM/I4ieW26RZ6
H3kU9koQGib6fIr7mzCCBfgwggTgoAMCAQICEHNU5Tx9a7TNDWBpDfzOARswDQYJKoZIhvcN
AQELBQAwgZsxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMUEwPwYDVQQDEzhD
T01PRE8gU0hBLTI1NiBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBD
QTAeFw0xNTAzMzAwMDAwMDBaFw0xODAzMjkyMzU5NTlaMIH6MQswCQYDVQQGEwJVUzEOMAwG
A1UEERMFMjIxNTAxCzAJBgNVBAgTAlZBMRQwEgYDVQQHEwtTcHJpbmdmaWVsZDEaMBgGA1UE
CRMRNjkxNyBSaWRnZXdheSBEci4xFTATBgNVBAoTDEpvbiBULiBSYWRlbDEyMDAGA1UECxMp
SXNzdWVkIHRocm91Z2ggSm9uIFQuIFJhZGVsIEUtUEtJIE1hbmFnZXIxHzAdBgNVBAsTFkNv
cnBvcmF0ZSBTZWN1cmUgRW1haWwxEjAQBgNVBAMTCUpvbiBSYWRlbDEcMBoGCSqGSIb3DQEJ
ARYNam9uQHJhZGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN7VG2H2
FtCpo4Of74Ll1UBAf2czZUfeg9rNm587CYgbZJcj+/c+56ZxBDcmSGalDTqBizPJduRMIuyq
8R9qViPzWN238rmVPhpV2PQt8khbJNxT3lXauwK4exK+f8+chywS1eDnesK2pLgQ60n27etj
aE/xgKLLPXJjeaficomz3cwcbgCRdi5WnN9ogAMRNxWsD6trO9cR+cMldcNln1m65XXTrIii
86+FhZKVpW7yetIcmNcVkjYhfCAh5UGgyKHfK7osuPXgj9h1nSsgDwr5Q0H41bpGLe7AdcFu
viOHdmqSuohVSt/VV7JuF2slx2pd0w0eMoNKUKhrFhFsvLUCAwEAAaOCAdUwggHRMB8GA1Ud
IwQYMBaAFJJha4LhoqCqT+xn8cKj97SAAMHsMB0GA1UdDgQWBBTP1gHXRYR8E0eyRHCj/S+H
yppC7DAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
BAYIKwYBBQUHAwIwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwUwKzApBggrBgEFBQcCARYd
aHR0cHM6Ly9zZWN1cmUuY29tb2RvLm5ldC9DUFMwXQYDVR0fBFYwVDBSoFCgToZMaHR0cDov
L2NybC5jb21vZG9jYS5jb20vQ09NT0RPU0hBMjU2Q2xpZW50QXV0aGVudGljYXRpb25hbmRT
ZWN1cmVFbWFpbENBLmNybDCBkAYIKwYBBQUHAQEEgYMwgYAwWAYIKwYBBQUHMAKGTGh0dHA6
Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1NIQTI1NkNsaWVudEF1dGhlbnRpY2F0aW9uYW5k
U2VjdXJlRW1haWxDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNv
bTAYBgNVHREEETAPgQ1qb25AcmFkZWwuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBLU976AGA/
5JD9rkjl7vNfRGDQOEffvwseVmLEmBLot8I8vZ50oxRCLdOH0Zd8uN17J5a4xajP3blnMEdw
/CQF4f6Iz8ASG7QOGLSSin+nrqD20Q8lRn8oOyrF100OsPRPKmff/fekdOMkQOrJ3MCDAHQ2
fxuWkxupLBP6PzC49qR8uyPVxIPNetMsuyYhAHtq4DJphd1bJbxirDffqstQK+M5R+eo47KN
WyJ5PD/Q8ug4clobJ7P5W1Xh7KLqnVI2JffYD5+/EEzMpAsKiQTjdxci1z06TOr/9/Z+68an
Xuvyambg6OMzkTaTCyD1sE9QExHj+zGiwpUufSj2vGWjMYIEMTCCBC0CAQEwgbAwgZsxCzAJ
BgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZv
cmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMUEwPwYDVQQDEzhDT01PRE8gU0hBLTI1
NiBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQQIQc1TlPH1rtM0N
YGkN/M4BGzAJBgUrDgMCGgUAoIICVTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqG
SIb3DQEJBTEPFw0xNTA1MDYxNTE0MDhaMCMGCSqGSIb3DQEJBDEWBBT75isUBrL1I5GE9ijN
RxDKxIZbJzBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYI
KoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqG
SIb3DQMCAgEoMIHBBgkrBgEEAYI3EAQxgbMwgbAwgZsxCzAJBgNVBAYTAkdCMRswGQYDVQQI
ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9E
TyBDQSBMaW1pdGVkMUEwPwYDVQQDEzhDT01PRE8gU0hBLTI1NiBDbGllbnQgQXV0aGVudGlj
YXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQQIQc1TlPH1rtM0NYGkN/M4BGzCBwwYLKoZIhvcN
AQkQAgsxgbOggbAwgZsxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0
ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMUEwPwYD
VQQDEzhDT01PRE8gU0hBLTI1NiBDbGllbnQgQXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBF
bWFpbCBDQQIQc1TlPH1rtM0NYGkN/M4BGzANBgkqhkiG9w0BAQEFAASCAQAeeMq1tP99YXWL
xKq79kQSI11khLfoK2E1/7mMV7suW1hzV/qb3xJkZczjeJ41TDXYNs1LdGIiYsoifqz3MEz3
Upbp5N+FFfqcJU7+IcCCu5borRzM1c6Js2yYA2uTHrzkgs27yV079AJZp8I9AstKFLuH86Vw
GI9MFuc8G5zwAROFiA1uiqdwxXdmUoFsP1/PGW9nZHnoXR3aOEqomAalViUWdOJrzCaW2Mwv
fSAo8qT5mprmz0XqfKmEJbUBUnT0r70xs9IIcI/gU1yXlQn3swocDUHrgSH0PTWC8XaPW44+
dWF7rMeS3k9yXIG7tFZMm8cMEnE3gG6XD1a96RXJAAAAAAAA
--------------ms060909070007060102020007--



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?554A2FC0.50801>