I am trying to get Postfix to work using SASL and TLS. Last week I configured Dovecot to utilize my Verisign SSL certificates for TLS on Imap4 which appears to be working perfect. Now I would like the same thing on the SMTP side for Postfix.
I followed
this guide in order to 1st get SASL working. It appears to be working fine.
Code:
[root@mail ~]# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 mail.iamghost.com ESMTP
EHLO iamghost.com
250-mail.iamghost.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN FB36s8djkwBzEwmJaz1jgGnaT=
235 2.0.0 Authentication successful
quit
221 2.0.0 Bye
So I can see that SASL authentication is working fine above...
Now when I try and get TLS working, I get an error from my client forcing TLS encryption while sending mail:
"Unable to connect to SMTP server via STARTLS since it does not offer STARTLS in EHLO response. Please verify your settings."
I am thinking the problem is my Verisign SSL certificates. Either Postfix can't access them because of the passphrase on my private key or something else is wrong. Does anyone know how I can self sign my own certificate I generate myself via OpenSSL? I am guessing I still need a CA for my self signed certificate.