From: Bernhard D Rohrer (no email)
Date: Mon Apr 02 2007 - 15:17:54 EDT
Victor Duchovni wrote:
>
> An RSA or DSA key pair.
>
> RSA sanity check:
> # smtpd_tls_cert_file=$(postconf -h smtpd_tls_cert_file)
> # eval "smtpd_tls_key_file=$(postconf -h smtpd_tls_key_file)"
> # mcert=$(openssl x509 -in $smtpd_tls_cert_file -noout -modulus)
> # mkey=$(openssl rsa -in $smtpd_tls_key_file -noout -modulus)
> # if [ "$m1" != "$m2" ]; then echo "Key and cert don't match"; fi
>
thanks!
for some reason postfix seems to be using a standard config
root at collab:/home/graylion# postconf -h smtpd_tls_cert_file
root at collab:/home/graylion# postconf -h smtpd_tls_key_file
$smtpd_tls_cert_file
whereas my main.cf states:
smtp_tls_cert_file = /usr/lib/ssl/collab.pem
smtp_tls_key_file = /usr/lib/ssl/newkey.pem
:/usr/lib/ssl# ls -al
-rw-r----- 1 root ssl 14774 2007-03-27 19:14 collab.pem
-rw-r----- 1 root ssl 3247 2007-03-05 00:39 newkey.pem
postfix is member of ssl
cheers
Bernhard
-- Graylion's Fetish & Fashion Store Goth and Kinky Boots, Clothing and Jewellery http://www.graylion.net
|
|
|