SSL (Confusing!) Followed Ubuntu 11.10 Server Guide

Discussion in 'HOWTO-Related Questions' started by Gaddam, Apr 2, 2012.

  1. Gaddam

    Gaddam New Member

    I didn't opt for ISPConfig as I'm hosting only 1 website on a static IP. I did everything except install ISPConfig.

    I followed the guide for Securing the installation with an SSL Certificate. I made a mistake and didn't skip the first step, and copied what they told me into a file.

    I was able to get Apache2 to use the certificate and moved onto postfix.

    Following is in the log:
    (Telnet 25) - startssl
    Code:
    Out: 454 4.7.0 TLS not available due to local problem
    Server Log Shows:
    (StartUp)
    Code:
    Apr  2 14:49:11 mail authdaemond: modules="authmysql", daemons=5
    Apr  2 14:49:11 mail authdaemond: Installing libauthmysql
    Apr  2 14:49:11 mail authdaemond: Installation complete: authmysql
    Apr  2 14:49:15 mail postfix/master[1818]: daemon started -- version 2.8.5, configuration /etc/postfix
    Now the fun part when I try to connect to the server:
    Code:
    Apr  2 14:50:23 mail imapd-ssl: couriertls: /etc/courier/imapd.pem: error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib
    When email is sent from somewhere like gmail, I get the following error and then I get a nice email error message in my inbox showing the ehlo localhost and starttls:

    Code:
    Apr  2 14:50:45 mail postfix/smtpd[1948]: warning: cannot get RSA private key from file /etc/postfix/smtpd.key: disabling TLS support
    Apr  2 14:50:45 mail postfix/smtpd[1948]: warning: TLS library problem: 1948:error:0906406D:PEM routines:PEM_def_callback:problems getting password:pem_lib.c:111:
    Apr  2 14:50:45 mail postfix/smtpd[1948]: warning: TLS library problem: 1948:error:0906A068:PEM routines:PEM_do_header:bad password read:pem_lib.c:454:
    Apr  2 14:50:45 mail postfix/smtpd[1948]: warning: TLS library problem: 1948:error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669:
    Apr  2 14:50:45 mail postfix/smtpd[1948]: connect from mail-we0-f173.google.com[74.125.82.173]
    AND.. EDIT:

    Code:
    Apr  2 15:08:35 mail postfix/smtpd[1965]: cannot load Certificate Authority data: disabling TLS support
    Apr  2 15:08:35 mail postfix/smtpd[1965]: warning: TLS library problem: 1965:error:02001002:system library:fopen:No such file or directory:bss_file.c:169:fopen('/usr/local/ssl/startssl.sub.classl.server.ca.crt','r'):
    Apr  2 15:08:35 mail postfix/smtpd[1965]: warning: TLS library problem: 1965:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:172:
    Apr  2 15:08:35 mail postfix/smtpd[1965]: warning: TLS library problem: 1965:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:274:
    Apr  2 15:08:36 mail postfix/smtpd[1965]: connect from mail-wg0-f41.google.com[74.125.82.41]
    Apr  2 15:08:36 mail postfix/cleanup[1967]: 4CDE62B010EB: message-id=<[email protected]>
    Apr  2 15:08:36 mail postfix/qmgr[1754]: 4CDE62B010EB: from=<[email protected]>, size=967, nrcpt=1 (queue active)
    Apr  2 15:08:36 mail postfix/smtpd[1965]: disconnect from mail-wg0-f41.google.com[74.125.82.41]
    Apr  2 15:08:36 mail postfix/cleanup[1967]: 6E0F82B012BE: message-id=<[email protected]>
    Apr  2 15:08:36 mail postfix/qmgr[1754]: 6E0F82B012BE: from=<[email protected]>, size=1120, nrcpt=1 (queue active)
    Apr  2 15:08:36 mail postfix/local[1968]: 4CDE62B010EB: to=<[email protected]>, orig_to=<postmaster>, relay=local, delay=0.2, delays=0.11/0.03/0/0.06, dsn=2.0.0, status=sent (forwarded as 6E0F82B012BE)
    Apr  2 15:08:36 mail postfix/qmgr[1754]: 4CDE62B010EB: removed
    Apr  2 15:08:36 mail postfix/virtual[1969]: 6E0F82B012BE: to=<[email protected]>, orig_to=<postmaster>, relay=virtual, delay=0.14, delays=0.06/0.01/0/0.07, dsn=2.0.0, status=sent (delivered to maildir)
    Apr  2 15:08:36 mail postfix/qmgr[1754]: 6E0F82B012BE: removed
    Apr  2 15:09:00 mail postfix/smtpd[1899]: timeout after END-OF-MESSAGE from localhost.localdomain[127.0.0.1]
    Apr  2 15:09:00 mail postfix/smtpd[1899]: disconnect from localhost.localdomain[127.0.0.1]
    I've just about done all google searching on the errors and I've made some alterations, but only to regenerate the key without the passphrase requirement and chmod 600 to the file.

    /etc/postfix/main.cf (Just the TLS portion)

    Code:
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_tls_CAfile = /usr/local/ssl/startssl.sub.classl.server.ca.crt
    smtpd_tls_CApath = /usr/local/ssl
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    Thank you ahead of time for reading all of this and offering assistance, I've enjoyed reading each of the tutorials and learning from them.
     
    Last edited: Apr 2, 2012
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The setup you used is the installation instructions for ispconfig, so it's not a setup that works without ispconfig, as the services are configured by the ispconfig installer. So by skipping the ispconfig installation you skipped the configuration of all services, as the final config files that are required for e.g. smtp auth are part of the ispconfig installer.

    So if you want to get a working setup, you should consider installing ispconfig even if you want to run just one website.
     
  3. Gaddam

    Gaddam New Member

    I tried that route, but the issue was my hostname is my FQDN and I guess it's the default site for ISPConfig so I couldn't add the domain and do all the ftp things.

    If I could figure that part out and then setup sub domains for different features for the site it would be worth it.

    I know, buy the guide, but I simply can't afford it lol.

    Thanks for your reply!
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Ispconfig has no default site, so you can use any domain name for sites in ispconfig. The reason why you should not use your main domain as hostname is postfix. So you use something like server1.example.com and not example.com as hostname as it is described in the install guide.

    You don't have to buy any guides to install ispconfig, all install guides are freely available here at howtoforge. And to add a website you don't need a guide, just click on new website, enter the domain name and click save. That's all and described many times here in the forum.
     
    Last edited: Apr 2, 2012
  5. Gaddam

    Gaddam New Member

    Sorry, I meant the manual. The confusing part is the hostname. I used my FQDN when doing the install so I chose mail.mydomain.com and then postfix wanted the hostname so I gave it mail.mydomain.com.

    I'm getting ready to do a fresh build now and to avoid any errors, just so I'm clear I set the hostname as mentioned above, but for the postfix portion when it asks for the hostname what value should I give it?

    Last but not least, and I do apologize for my ignorance. The DNS values when installing are they the ISP or the DNS server my url is registered with?

    Thanks for your patience and for being available to help!
     
