Merge pull request #34 from davidkarlsen/sslCa

add config parameter smtp_tls_CApath to validate peers
This commit is contained in:
puneet kandhari 2015-12-31 09:01:35 -06:00
commit f7c43ae6b0
2 changed files with 2 additions and 0 deletions

View File

@ -26,6 +26,7 @@ postfix:
config:
smtpd_banner: $myhostname ESMTP $mail_name
smtp_tls_CApath = /etc/ssl/certs
biff: 'no'
append_dot_mydomain: 'no'
readme_directory: 'no'

View File

@ -57,6 +57,7 @@
{{ set_parameter('smtpd_use_tls') }}
{{ set_parameter('smtpd_tls_loglevel', 1) }}
{{ set_parameter('smtpd_tls_security_level', 'may') }}
{{ set_parameter('smtp_tls_CApath', '/etc/ssl/certs' }}
{{ set_parameter('smtpd_tls_cert_file', '/etc/ssl/certs/ssl-cert-snakeoil.pem') }}
{{ set_parameter('smtpd_tls_key_file', '/etc/ssl/private/ssl-cert-snakeoil.key') }}
{{ set_parameter('smtpd_tls_session_cache_database', 'btree:${data_directory}/smtpd_scache') }}