aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem.moulin@fripost.org>2012-09-16 23:51:51 +0200
committerGuilhem Moulin <guilhem.moulin@fripost.org>2012-09-16 23:51:51 +0200
commit65d3ec0436dea9135cbe1a33f4f9d8e69b6629ea (patch)
tree06e7506cccb43cb3bd0674e7bd46d55aedfd858e
parent19d5d377ebaab4287da55a0e499839e7b783728c (diff)
CApath.
-rw-r--r--fripost-docs.org10
1 files changed, 10 insertions, 0 deletions
diff --git a/fripost-docs.org b/fripost-docs.org
index 00baf00..fa698d3 100644
--- a/fripost-docs.org
+++ b/fripost-docs.org
@@ -1352,6 +1352,16 @@ In the rest of this section, we assume there is a tunnel from the master
LDAP server to the machine that hosts SASLauthd (i.e., ldap://127.0.0.1:3890 on
this machine actually speaks to the master).
+**** CApath
+
+As of Debian Squeeze, Postfix doesn't copy the content of 'smtp_tls_CApath' and
+'smtpd_tls_CApath' in the chroot jail. This leads to a flood of "Untrusted
+connections" since Postfix doesn't have any root CA to trust.
+To do it by hand, copy the files (don't forget the symlink targets) under
+'/var/spool/postfix/etc/ssl/certs' and c_rehash this last directory.
+
+A script is availble in the fripost-admin repository.
+
**** Configure SASLauthd
:: /etc/default/saslauthd