change smtp tls certificat

Discussion in 'Installation/Configuration' started by admins, Nov 24, 2009.

  1. admins

    admins Member HowtoForge Supporter

    Hi all

    how could I regenerate the smtp tls certificat for a debian ispconfig 3.0.1.6
    server?

    I've a false CN in the actual certificat.

    Thanks
    admins
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    You can use the steps "Afterwards we create the certificates for TLS: " from here:

    http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig2-p4

    Code:
    mkdir /etc/postfix/ssl
    cd /etc/postfix/ssl/
    openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
    
    chmod 600 smtpd.key
    openssl req -new -key smtpd.key -out smtpd.csr
    
    openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
    
    openssl rsa -in smtpd.key -out smtpd.key.unencrypted
    
    mv -f smtpd.key.unencrypted smtpd.key
    openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
     
  3. admins

    admins Member HowtoForge Supporter

    Code:
    STARTTLS-Befehl gescheitert: TLS not available due to local problem
    main.cf:
    Code:
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scach
    whats wrong?
     
  4. falko

    falko Super Moderator ISPConfig Developer

    Any errors in your mail log?
     

Share This Page