postfix: client certificates: refer to the correct (own) root certificates.

author: root@culturestrings <root@culturestrings> 2020-08-18 15:12:57 +0000
committer: root@culturestrings <root@culturestrings> 2020-08-18 15:12:57 +0000
commit: 8a14eeb06c5b29e0b6b58906b9a841d88e55d932 (patch)
tree: a0c10a5d3e5679372f284f8d3c7352f5cd7af468
parent: 51269eeb8b304c91b0665c419770b0c56f93f2fc (diff)
download: culturestrings-8a14eeb06c5b29e0b6b58906b9a841d88e55d932.tar.bz2
culturestrings-8a14eeb06c5b29e0b6b58906b9a841d88e55d932.tar.xz
1 files changed, 3 insertions, 2 deletions
diff --git a/public/fs/etc/postfix/main.cf.in b/public/fs/etc/postfix/main.cf.in
index 5d6d80f..12ddbf2 100644
--- a/public/fs/etc/postfix/main.cf.in
+++ b/public/fs/etc/postfix/main.cf.in
@@ -37,6 +37,7 @@ internal_mail_filter_classes    = bounce
 
 # tls ...
 tls_random_source               = dev:/dev/urandom
+tls_append_default_CA           = no
 
 smtp_tls_loglevel               = 3
 smtp_tls_security_level         = encrypt
@@ -55,8 +56,8 @@ smtpd_use_tls                   = yes
 smtpd_tls_auth_only             = yes
 smtpd_tls_received_header       = yes
 
-smtpd_tls_CApath                = /etc/ssl/certs
-smtpd_tls_CAfile                = /srv/webroot/@smtphost@/ssl/cert.pem
+smtpd_tls_CApath                = /etc/easy-rsa/pki
+smtpd_tls_CAfile                = /etc/easy-rsa/pki/ca.crt
 
 meta_directory                  = /usr/lib/postfix
 setgid_group                    = maildrop
author	root@culturestrings <root@culturestrings>	2020-08-18 15:12:57 +0000
committer	root@culturestrings <root@culturestrings>	2020-08-18 15:12:57 +0000
commit	8a14eeb06c5b29e0b6b58906b9a841d88e55d932 (patch)
tree	a0c10a5d3e5679372f284f8d3c7352f5cd7af468
parent	51269eeb8b304c91b0665c419770b0c56f93f2fc (diff)
download	culturestrings-8a14eeb06c5b29e0b6b58906b9a841d88e55d932.tar.bz2 culturestrings-8a14eeb06c5b29e0b6b58906b9a841d88e55d932.tar.xz