steve%prd.co.uk@localhost (Steve Blinkhorn) writes: > This is still a live issue - apologies, I missed your post last week. > > Here are the file specs from my /etc/postfix/main.cf: > > smtpd_tls_cert_file = /etc/ssl/certs/myname.pem > smtpd_tls_key=/etc/ssl/private/myname.key > > > It's clear from the runtime error message that the certificate is not, > in effect, being read. But the current file names and contents > produce the fewest errors. Could it be the .pem file extension, or > is there a hard-coded location for the certificate and ley that I need > to conform too? > > Or could it be that the content of the files is wrong? I found > myself going round in circles and making no progres. > > This is NetBSD 4.01, with the SSL libraries updated to the latest > version for that release. I put them in /usr/pkg/etc/postfix. Of course the snmp daemon needs to be able to read the files - /etc/openssl/private on my systems are root-owned 700. My key file is key.pem and starts like: -----BEGIN RSA PRIVATE KEY----- The certificate file is post.pem and starts -----BEGIN CERTIFICATE----- and both can be read with 'openssl ans1parse'.
Attachment:
pgpH89SLk7XU4.pgp
Description: PGP signature