Created
April 13, 2019 14:00
-
-
Save Mati365/f161c4c09e194b36f8d0325e848362ff to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # copied from https://www.e-rave.nl/create-a-self-signed-ssl-key-for-postfix | |
| openssl genrsa -des3 -out mail.domain.tld.key 2048 | |
| chmod 600 mail.domain.tld.key | |
| openssl req -new -key mail.domain.tld.key -out mail.domain.tld.csr | |
| openssl x509 -req -days 365 -in mail.domain.tld.csr -signkey mail.domain.tld.key -out mail.domain.tld.crt | |
| openssl rsa -in mail.domain.tld.key -out mail.domain.tld.key.nopass | |
| mv mail.domain.tld.key.nopass mail.domain.tld.key | |
| openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650 | |
| chmod 600 mail.domain.tld.key | |
| chmod 600 cakey.pem | |
| mv mail.domain.tld.key /etc/ssl/private/ | |
| mv mail.domain.tld.crt /etc/ssl/certs/ | |
| mv cakey.pem /etc/ssl/private/ | |
| mv cacert.pem /etc/ssl/certs/ | |
| postconf -e 'smtpd_tls_auth_only = no' | |
| postconf -e 'smtp_use_tls = yes' | |
| postconf -e 'smtpd_use_tls = yes' | |
| postconf -e 'smtp_tls_note_starttls_offer = yes' | |
| postconf -e 'smtpd_tls_key_file = /etc/ssl/private/mail.domain.tld.key' | |
| postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/mail.domain.tld.crt' | |
| postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem' | |
| postconf -e 'smtpd_tls_loglevel = 1' | |
| postconf -e 'smtpd_tls_received_header = yes' | |
| postconf -e 'smtpd_tls_session_cache_timeout = 3600s' | |
| postconf -e 'tls_random_source = dev:/dev/urandom' | |
| postconf -e 'myhostname = mail.example.com' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment