fix provide TLS certificate for outbound opportunistic encryption only when available

author: Jonas Smedegaard <dr@jones.dk> 2020-10-10 18:20:53 +0200
committer: Jonas Smedegaard <dr@jones.dk> 2020-10-10 18:20:53 +0200
commit: 02126f4539f4559390ba0e167cb0ddf24e897367 (patch)
tree: 61fc58d8f66600cec856367804cc6e94e225b79b
parent: 8df2eae25bad38a0c65008a56d76732ea275f3f7 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/postfix/postfix.sh b/postfix/postfix.sh
index a32408d..62b228e 100755
--- a/postfix/postfix.sh
+++ b/postfix/postfix.sh
@@ -260,8 +260,13 @@ fi
 
 # outbound opportunistic encryption
 _postconf -e smtp_tls_security_level=may
-_postconf -e smtp_tls_cert_file=/etc/ssl/certs/postfix.pem
-_postconf -e smtp_tls_key_file=/etc/ssl/private/postfix.pem
+if [ -n "$tls_cert" ]; then
+	_postconf -e smtp_tls_cert_file=/etc/ssl/certs/postfix.pem
+	_postconf -e smtp_tls_key_file=/etc/ssl/private/postfix.pem
+else
+	_postconf -X smtp_tls_cert_file
+	_postconf -X smtp_tls_key_file
+fi
 _postconf -e smtp_tls_loglevel=1
 
 # Force TLS towards peers
author	Jonas Smedegaard <dr@jones.dk>	2020-10-10 18:20:53 +0200
committer	Jonas Smedegaard <dr@jones.dk>	2020-10-10 18:20:53 +0200
commit	02126f4539f4559390ba0e167cb0ddf24e897367 (patch)
tree	61fc58d8f66600cec856367804cc6e94e225b79b
parent	8df2eae25bad38a0c65008a56d76732ea275f3f7 (diff)