I have just updated the SSL certificates on the Postfix mail server.
Here are some notes.
You should have your private key file.
a) your_mailserver_com.key
I purchased the certificate from GoDaddy.
The downloaded zipped file included three files.
b) 1940e7249efa77a6.crt
c) 1940e7249efa77a6.pem
d) gd_bundle-g2-g1.crt
Next, you created the full chain pem file from b) and d) above.
Then, you replace the existing private key and the full chain certificate.
By the way, always create backup copies of the current files before replacing them.
Here, the location of target files is written in /etc/postfix/main.cf.
# grep key_file main.cf
smtpd_tls_key_file = /etc/postfix/my_mailserver_com.key
# ls -l /etc/postfix/mail_hishawaii_com.key
-rw-r--r-- 1 root root 1704 Aug 24 2022 /etc/postfix/my_mailserver_com.key
# grep cert_file main.cf
smtpd_tls_cert_file = /etc/postfix/my_mailserver_com.pem
# ls -l /etc/postfix/mail_hishawaii_com.pem
-rw-r--r-- 1 root root 7153 Aug 24 2022 /etc/postfix/my_mailserver_com.pem
Finally, you restart Postfix service.
# postfix check
# systemctl restart postfix
0 件のコメント:
コメントを投稿