diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2012-03-24 11:43:03 +0100 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2012-03-24 11:43:03 +0100 |
| commit | dda87f40a4db6426400507d46ccdca1cf96fbbe8 (patch) | |
| tree | b27a6644b15a211c9c42f2b081553ec9c175ff1b | |
| parent | aa998571b544302fbe3d8d3ba49ccebcfbc3d9a6 (diff) | |
Fix favor specific CA cert (not bogusly use CRL file always) for smtpd, but also disable cacert.org as specific file: fallback to other certs is broken due to lack of those files getting mirrored into chroot.
| -rwxr-xr-x | postfix/postfix.sh | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/postfix/postfix.sh b/postfix/postfix.sh index b5be435..8ba2042 100755 --- a/postfix/postfix.sh +++ b/postfix/postfix.sh @@ -26,7 +26,7 @@ exit1() { # Favor specific CA for our own server and client certificates # (comment out to trust any CA) -cacert_smtpd="/etc/ssl/certs/cacert.org.pem" +#cacert_smtpd="/etc/ssl/certs/cacert.org.pem" cacert_smtp= cacert_lmtp= @@ -232,7 +232,7 @@ if [ -n "$sasl2" ] && [ -n "$sslcert" ]; then $postconf -c "$tempdir" -e 'smtp_tls_CApath = /etc/ssl/certs' $postconf -c "$tempdir" -e 'smtpd_tls_CApath = /etc/ssl/certs' $postconf -c "$tempdir" -e 'lmtp_tls_CApath = /etc/ssl/certs' - $postconf -c "$tempdir" -e smtpd_tls_CAfile="${cacert_smptd:-$cacert_default}" + $postconf -c "$tempdir" -e smtpd_tls_CAfile="${cacert_smtpd:-$cacert_default}" $postconf -c "$tempdir" -e smtp_tls_CAfile="${cacert_smtp:-$cacert_default}" $postconf -c "$tempdir" -e lmtp_tls_CAfile="${cacert_lmtp:-$cacert_default}" $postconf -c "$tempdir" -e 'smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache' |