diff options
| author | Guilhem Moulin <guilhem.moulin@fripost.org> | 2012-09-16 23:51:51 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem.moulin@fripost.org> | 2012-09-16 23:51:51 +0200 |
| commit | 65d3ec0436dea9135cbe1a33f4f9d8e69b6629ea (patch) | |
| tree | 06e7506cccb43cb3bd0674e7bd46d55aedfd858e | |
| parent | 19d5d377ebaab4287da55a0e499839e7b783728c (diff) | |
CApath.
| -rw-r--r-- | fripost-docs.org | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/fripost-docs.org b/fripost-docs.org index 00baf00..fa698d3 100644 --- a/fripost-docs.org +++ b/fripost-docs.org @@ -1352,6 +1352,16 @@ In the rest of this section, we assume there is a tunnel from the master LDAP server to the machine that hosts SASLauthd (i.e., ldap://127.0.0.1:3890 on this machine actually speaks to the master). +**** CApath + +As of Debian Squeeze, Postfix doesn't copy the content of 'smtp_tls_CApath' and +'smtpd_tls_CApath' in the chroot jail. This leads to a flood of "Untrusted +connections" since Postfix doesn't have any root CA to trust. +To do it by hand, copy the files (don't forget the symlink targets) under +'/var/spool/postfix/etc/ssl/certs' and c_rehash this last directory. + +A script is availble in the fripost-admin repository. + **** Configure SASLauthd :: /etc/default/saslauthd |