Difference between revisions of "TLS certificate for sendmail"
From Tech
Jump to navigationJump to search| Line 5: | Line 5: | ||
#webroot for pomo: directoy apache serves for http://pomo.komputilo.org |
#webroot for pomo: directoy apache serves for http://pomo.komputilo.org |
||
| − | To install the certificate in sendmail, insert into /etc/mail/sendmail.mc (partially copied from [https://www.sendmail.org/~ca/email/starttls.html sendmail.org]: |
+ | To install the certificate in sendmail, insert into /etc/mail/sendmail.mc (partially copied from [https://www.sendmail.org/~ca/email/starttls.html sendmail.org], and [https://community.letsencrypt.org/t/letsencrypt-and-sendmail/24885/2 letsencrypt.org]): |
define(`confCACERT_PATH', `/etc/letsencrypt/live/pomo.komputilo.org')dnl |
define(`confCACERT_PATH', `/etc/letsencrypt/live/pomo.komputilo.org')dnl |
||
define(`confCACERT', `/etc/letsencrypt/live/pomo.komputilo.org/chain.pem')dnl |
define(`confCACERT', `/etc/letsencrypt/live/pomo.komputilo.org/chain.pem')dnl |
||
Revision as of 10:30, 18 April 2020
Getting the certificate:
apt install certbot certbot certonly --webroot #domain name: pomo.komputilo.org #webroot for pomo: directoy apache serves for http://pomo.komputilo.org
To install the certificate in sendmail, insert into /etc/mail/sendmail.mc (partially copied from sendmail.org, and letsencrypt.org):
define(`confCACERT_PATH', `/etc/letsencrypt/live/pomo.komputilo.org')dnl define(`confCACERT', `/etc/letsencrypt/live/pomo.komputilo.org/chain.pem')dnl define(`confSERVER_CERT', `/etc/letsencrypt/live/pomo.komputilo.org/cert.pem')dnl define(`confSERVER_KEY', `/etc/letsencrypt/live/pomo.komputilo.org/privkey.pem')dnl define(`confCLIENT_CERT', `/etc/letsencrypt/live/pomo.komputilo.org/cert.pem')dnl define(`confCLIENT_KEY', `/etc/letsencrypt/live/pomo.komputilo.org/privkey.pem')dnl define(`confAUTH_OPTIONS', `A p y')dnl
