thufir

tls

Jun 16th, 2014
  1. thufir@dur:~$
  2. thufir@dur:~$ sudo ./tls.script
  3. Error opening Private Key
  4. 3073578684:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('','r')
  5. 3073578684:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
  6. unable to load Private Key
  7. thufir@dur:~$
  8. thufir@dur:~$ nl tls.script
  # NOTE(review): intended flow of tls.script, as written in the listing below: read
  # the Postfix config directory and hostname, generate a 2048-bit RSA key and a
  # self-signed certificate valid for 3650 days, then point smtpd_tls_cert_file and
  # smtpd_tls_key_file at the new files.
  # In this listing, script lines 1-7 all start with '#', so the shell treats them as
  # comments: dir, fqdn, ymd, key and cert are never assigned and the
  # `openssl genrsa` step never runs. Presumably the '#' was a root-prompt marker
  # copied along with the commands -- confirm against wherever the script came from.
  9. 1 # dir="$(postconf -h config_directory)"
  10. 2 # fqdn=$(postconf -h myhostname)
  11. 3 # case $fqdn in /*) fqdn=$(cat "$fqdn");; esac
  12. 4 # ymd=$(date +%Y-%m-%d)
  13. 5 # key="${dir}/key-${ymd}.pem"; rm -f "${key}"
  14. 6 # cert="${dir}/cert-${ymd}.pem"; rm -f "${cert}"
  # NOTE(review): once enabled, the subshell's `umask 077` makes openssl create the
  # private key readable by its owner only; keep that when un-commenting this line.
  15. 7 # (umask 077; openssl genrsa -out "${key}" 2048) &&
  # NOTE(review): first command that actually executes. "${key}" expands to the empty
  # string, which matches the fopen('','r') / "unable to load Private Key" failure in
  # the run shown above the listing.
  16. 8 openssl req -new -key "${key}" \
  17. 9 -x509 -subj "/CN=${fqdn}" -days 3650 -out "${cert}" &&
  # NOTE(review): chained with &&, so postconf -e is reached only when openssl req
  # succeeds; with empty ${cert}/${key} it would otherwise write empty file paths.
  18. 10 postconf -e \
  19. 11 "smtpd_tls_cert_file = ${cert}" \
  20. 12 "smtpd_tls_key_file = ${key}"
  21.  
  22. thufir@dur:~$
  23. thufir@dur:~$ postconf -n
  # NOTE(review): `postconf -n` output, i.e. the parameters explicitly set in main.cf
  # for this host. Review notes are added only next to the TLS/SASL settings.
  24. alias_database = hash:/etc/aliases
  25. alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
  26. append_dot_mydomain = no
  27. biff = no
  28. broken_sasl_auth_clients = yes
  29. config_directory = /etc/postfix
  30. default_transport = error
  31. home_mailbox = Maildir/
  32. inet_interfaces = all
  33. mailbox_command =
  34. mailbox_size_limit = 0
  35. mailman_destination_recipient_limit = 1
  36. mydestination = dur.bounceme.net, localhost.bounceme.net, localhost
  37. myhostname = dur.bounceme.net
  38. mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
  39. myorigin = /etc/mailname
  40. readme_directory = no
  41. recipient_delimiter = +
  42. relay_domains = lists.dur.bounceme.net
  43. relay_transport = error
  44. relayhost =
  45. smtp_tls_note_starttls_offer = yes
  46. smtp_tls_security_level = may
  47. smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
  48. smtp_use_tls = yes
  49. smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
  50. smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
  51. smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
  52. smtpd_sasl_auth_enable = yes
  53. smtpd_sasl_authenticated_header = yes
  54. smtpd_sasl_local_domain =
  55. smtpd_sasl_path = private/dovecot-auth
  56. smtpd_sasl_security_options = noanonymous
  57. smtpd_sasl_type = dovecot
  58. smtpd_sender_restrictions = reject_unknown_sender_domain
  59. smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
  # NOTE(review): with smtpd_sasl_auth_enable = yes and smtpd_tls_security_level = may,
  # `no` here means AUTH is also offered on sessions that never negotiated TLS, so
  # credentials can cross the network unprotected. `yes` limits AUTH to TLS sessions.
  60. smtpd_tls_auth_only = no
  # NOTE(review): these two still point at the files under /etc/ssl; the listed
  # tls.script would replace them with cert-/key-<date>.pem in config_directory only
  # if its postconf -e step is reached.
  61. smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
  62. smtpd_tls_key_file = /etc/ssl/private/smtpd.key
  63. smtpd_tls_loglevel = 2
  64. smtpd_tls_mandatory_ciphers = medium
  # NOTE(review): written as an inclusion list, this permits only SSLv3 and TLSv1,
  # which keeps the obsolete SSLv3 and excludes newer TLS versions; the exclusion form
  # (e.g. `!SSLv2, !SSLv3`) avoids both problems. The smtpd_tls_mandatory_* settings
  # apply to mandatory TLS only; at security level `may`, smtpd_tls_protocols governs.
  65. smtpd_tls_mandatory_protocols = SSLv3, TLSv1
  66. smtpd_tls_received_header = yes
  67. smtpd_tls_security_level = may
  68. smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
  69. smtpd_tls_session_cache_timeout = 3600s
  70. smtpd_use_tls = yes
  71. tls_random_source = dev:/dev/urandom
  72. transport_maps = hash:/etc/postfix/transport
  73. thufir@dur:~$
  74. thufir@dur:~$