[CentOS] SSL Certificate

Tue Mar 12 01:00:47 UTC 2013
Mike McCarthy <sysop at w1nr.net>

For the WEB server it makes sens to have a certificate that is signed by
a known CA. However, for postfix a self signed cert is just fine. When a
user first connects with TLS, the mail client will complain. But with
most mail clients (I use Thunderbird), you can get the certificate and
store a permanent exception so it will never complain again. Other
servers that make connections to deliver mail with STARTTLS generally
don't care.


On 03/11/2013 07:05 PM, Austin Einter wrote:
> Dear All
> This is my continuation of postfix setup.
> Following link
> http://campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServerfor
> postfix setup.
> At one stage it says,
> Configuring The Server Setup SSL Certificate
> Now generate an SSL certificate for postfix and dovecot to have TLS
> support. Replace mail.example.com with your server hostname.
>> genkey --days 3650 mail.example.com
> My doubt is ,
> 1. I have to install a SSL certificate for for web server (apache case). I
> am planning to purchase a SSL certificate and put it. The same certificate
> will be useful for both web server and mail server OR both web and mail
> server needs to separate separate SSL certificates.
> 2. I hope for web server case, one must purchase a ssl certificate and use
> it (so that browsers will work smoothly without complain). For mail server
> can one use locally generated ssl certificate?
> Kindly let me know.
> Best Regards
> Austin
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos