Facebook
Twitter
TimReeves
Regular Pleskian
Hi all,
up until about a couple of months ago, in /etc/postfix/main.cf it said:
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
Since recently this has changed (Debian 8.9), on the last 2 servers I installed it reads:
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
This means that my scripts, which set the server default cert for postfix at /etc/postfix/postfix_default.pem, no longer work. Shame, in several Plesk articles those values are referred to, so now, for Debian the articles are no longer correct.
I checked out the Plesk CLI mail server utility, but it does not offer any option to set this value. And I don't really want to overwrite /etc/ssl/certs/ssl-cert-snakeoil.pem. So I have tried manually editing /etc/postfix/main.cf to restore the previous standard values (which of course works), and then I tried:
# /usr/local/psa/admin/sbin/mchk
# /usr/local/psa/bin/repair --mail
and found out that the do not overwrite my manual edit. So I'm OK (I think) but this is all very annoying. If Plesk articles state that the value is such-and-such, then Plesk distribution packages (or utilities) should ensure that those values are reliably set.
Does anyone have any more info on this topic, why the standard value has been changed?
Cheers,
Tim
up until about a couple of months ago, in /etc/postfix/main.cf it said:
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
Since recently this has changed (Debian 8.9), on the last 2 servers I installed it reads:
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
This means that my scripts, which set the server default cert for postfix at /etc/postfix/postfix_default.pem, no longer work. Shame, in several Plesk articles those values are referred to, so now, for Debian the articles are no longer correct.
I checked out the Plesk CLI mail server utility, but it does not offer any option to set this value. And I don't really want to overwrite /etc/ssl/certs/ssl-cert-snakeoil.pem. So I have tried manually editing /etc/postfix/main.cf to restore the previous standard values (which of course works), and then I tried:
# /usr/local/psa/admin/sbin/mchk
# /usr/local/psa/bin/repair --mail
and found out that the do not overwrite my manual edit. So I'm OK (I think) but this is all very annoying. If Plesk articles state that the value is such-and-such, then Plesk distribution packages (or utilities) should ensure that those values are reliably set.
Does anyone have any more info on this topic, why the standard value has been changed?
Cheers,
Tim
