hi all!
System: RHEL 5, Apache 2.2.3, Postfix 2.5.6
I have been trying to enable TLS on our postfix server following this tutorial:
http://postfix.state-of-mind.de/patr...s_support.html
this is the TLS section in my main.cf:
smtpd_tls_security_level = may
#smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/cert/ssl-key.pem
smtpd_tls_cert_file = /etc/postfix/cert/ssl-cert.pem
smtpd_tls_CAfile = /etc/postfix/cert/ssl-ca.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
The issue is that clients still can't connect SMTP when attempting to send with SSL enabled
another problem is, that when I test if the server is advertising TLS with "telnet mail.{mydomain}.com 25" it shows the AUTH and STARTTLS line only when I call this command on the server itself, but it does not show the STARTTLS line when i check the server from another client.
So it seems that postfix only advertises TLS to localhost?
The certificate is from Globalsign, the only difference is that I didn't create the key myself. It was created by my Webhost, but it was created for the correct domain.
what am I missing? any help is appreciated.