LinuxQuestions.org - Postfix / TLS Help

I am trying to get Postfix to work using SASL and TLS. Last week I configured Dovecot to utilize my Verisign SSL certificates for TLS on Imap4 which appears to be working perfect. Now I would like the same thing on the SMTP side for Postfix.

I followed this guide in order to 1st get SASL working. It appears to be working fine.

Code:

[root@mail ~]# telnet 127.0.0.1 25

Trying 127.0.0.1...

Connected to 127.0.0.1.

Escape character is '^]'.

220 mail.iamghost.com ESMTP

EHLO iamghost.com

250-mail.iamghost.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-AUTH PLAIN LOGIN

250-AUTH=PLAIN LOGIN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

AUTH PLAIN FB36s8djkwBzEwmJaz1jgGnaT=

235 2.0.0 Authentication successful

quit

221 2.0.0 Bye

So I can see that SASL authentication is working fine above...

Now when I try and get TLS working, I get an error from my client forcing TLS encryption while sending mail:

"Unable to connect to SMTP server via STARTLS since it does not offer STARTLS in EHLO response. Please verify your settings."

I am thinking the problem is my Verisign SSL certificates. Either Postfix can't access them because of the passphrase on my private key or something else is wrong. Does anyone know how I can self sign my own certificate I generate myself via OpenSSL? I am guessing I still need a CA for my self signed certificate.