to secure e-mail transfer I would like to use
smtp_tls_security_level = encrypt smtpd_tls_security_level = encrypt
sadly, this does not work
error message is:
status=deferred (TLS is required, but was not offered by host 127.0.0.1[127.0.0.1])
I tried changing the certificate from the snakeoil to a letsencrypt one acquired via lego (go-acme/lego).
I cannot upload it via the webinterface, and I am not allowed to change the option in the “MTA config file” so I chose to make a symlink for the two files:
root@ciphermail:/home/user# ln -s /etc/lego/ciphermail.mydomain.com.crt /etc/ssl/certs/ssl-cert-snakeoil.pem root@ciphermail:/home/user# ln -s /etc/lego/ciphermail.mydomain.com.key /etc/ssl/private/ssl-cert-snakeoil.key
doing this it causes the webinterface to give the error:
A problem occurred Error message:Render queue error in BeginRender[Login]: Error invoking service builder method mitm.djigzo.web.services.SoapModule.buildGlobalPreferencesManagerWS(GlobalPreferencesManagerWSProxyFactory, ApplicationStateManager) (at SoapModule.java:813) (for service 'GlobalPreferencesManagerWS'): org.apache.cxf.service.factory.ServiceConstructionException: Failed to create service. Click here to continueContact your administrator if this condition persists
i have no idea where to go from here.
Is there any further documentation on ssl certificates and how to change them manually?
Thanks in advance.