SSL in Postfix with Intermediate Certificate

This article describes just how to install certificates with intermediate certificate in Postfix, it does not describe how to configure Postfix for SSL as that is pretty complex topic.

For configuration you need these files: domain.tld.key (your private key), domain.tld.crt (your public certificate) and intermediate.crt (intermediate certificate of your certificate authority).

The configuration is pretty easy (once you know the steps). First you need to create combined PEM file:

cat domain.tld.key domain.tld.crt intermediate.crt > domain.tld.pem

Next you need to change two variables in Postfix main.cf configuration file:

...
smtpd_tls_cert_file = /path/to/domain.tld.pem
smtpd_tls_key_file = /path/to/domain.tld.pem
...

Now just restart postfix daemon and you’re done 🙂

Tags:

One Response to “SSL in Postfix with Intermediate Certificate”

  1. Andy Says:
    July 2nd, 2012 at 08:44

    Wow i think it’s a bit too much but if it works for you ….
    I recommend to leave the key separate and only combine the two certificates into one file. You’d have to change only the line with tls_cert:
    smtpd_tls_cert_file = /path/to/domain.tld.pem

Leave a Reply

You must be logged in to post a comment.