Re: create keys and certificates for postfix/tls

To: Lucius Rizzo <lucius.rizzo%mail.edu.ky@localhost>
Subject: Re: create keys and certificates for postfix/tls
From: Martin Husemann <martin%duskware.de@localhost>
Date: Mon, 29 Feb 2016 09:50:47 +0100

On Mon, Feb 29, 2016 at 12:05:47AM +0000, Lucius Rizzo wrote:
> You have a few options. All involve the use of openssl to generate key or csr
> 
> See https://www.madboa.com/geek/openssl/
> 
> 1. Create a self signed cert and point Postfix to use ssl key and pem which was self generated
> 2. Use letsencrypt (HIGHLY recommended). IMHO, the introduction of letsencrypt will kill the basic ssl cert signed market.
> 3. Get a signed cert from namecheap. (You can alway buy a throwaway domain and add positivessl cert for a year for US $1.99

I am currently using free certificates from StartSSL.

I looked at letsencrypt, but I couldn't make any sense of it - can somebody
explain (from an admin point of view) how that is supposed to work?

Of course I will NOT install arbitrary 3rd party server side software
(where my server OS isn't even officially supported) to handle
important things like certificate renewals when it is a very simple
task to do just once a year.

Given all the hype about it, I am sure I must be missing something.

What is it?

Martin

Follow-Ups:
- Re: create keys and certificates for postfix/tls
  - From: Swift Griggs
- Re: create keys and certificates for postfix/tls
  - From: Lucius Rizzo
- Re: create keys and certificates for postfix/tls
  - From: Greg Troxel

References:
- create keys and certificates for postfix/tls
  - From: Marco Beishuizen
- Re: create keys and certificates for postfix/tls
  - From: Lucius Rizzo

Prev by Date: Re: RAIDframe corruption
Next by Date: Re: Netbsd xenserver
Previous by Thread: Re: create keys and certificates for postfix/tls
Next by Thread: Re: create keys and certificates for postfix/tls
Indexes:

Home | Main Index | Thread Index | Old Index