summaryrefslogtreecommitdiffstats
path: root/roles/MX
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2015-12-20 14:13:08 +0100
committerGuilhem Moulin <guilhem@fripost.org>2015-12-20 14:13:13 +0100
commitda2572ddb144086034eba1989ae909763e95c680 (patch)
treed3374338793592412ca1b10fb4fc20068a392c4e /roles/MX
parent01e59771866559cc13a58800282617d04cb286a6 (diff)
Use the Let's Encrypt CA for our public certs.
Diffstat (limited to 'roles/MX')
-rw-r--r--roles/MX/tasks/main.yml2
-rw-r--r--roles/MX/templates/etc/postfix/main.cf.j24
2 files changed, 3 insertions, 3 deletions
diff --git a/roles/MX/tasks/main.yml b/roles/MX/tasks/main.yml
index da6923b..1b820e3 100644
--- a/roles/MX/tasks/main.yml
+++ b/roles/MX/tasks/main.yml
@@ -82,7 +82,7 @@
# Ensure we don't fetch private data
sudo: False
# `/usr/sbin/postmulti -i mx -x /usr/sbin/postconf -xh smtpd_tls_cert_file`
- fetch: src=/etc/ssl/certs/ssl-cert-snakeoil.pem
+ fetch: src=/etc/postfix/ssl/mx.fripost.org.pem
dest=certs/public/mx{{ mxno | default('') }}.fripost.org.pem
fail_on_missing=yes
flat=yes
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2
index b9f7c09..0259538 100644
--- a/roles/MX/templates/etc/postfix/main.cf.j2
+++ b/roles/MX/templates/etc/postfix/main.cf.j2
@@ -93,8 +93,8 @@ smtp_tls_fingerprint_digest = sha256
smtpd_tls_security_level = may
smtpd_tls_exclude_ciphers = EXPORT, LOW, MEDIUM, aNULL, eNULL, DES, RC4, MD5
-smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
-smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
+smtpd_tls_cert_file = /etc/postfix/ssl/mx.fripost.org.chained.pem
+smtpd_tls_key_file = /etc/postfix/ssl/mx.fripost.org.key
smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams.pem
smtpd_tls_CApath = /etc/ssl/certs/
smtpd_tls_session_cache_database= btree:$data_directory/smtpd_tls_session_cache
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-21 23:16:47 +0000