http://bugzilla.opensuse.org/show_bug.cgi?id=1137181 http://bugzilla.opensuse.org/show_bug.cgi?id=1137181#c1 Per Jessen <per@computer.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |per@computer.org --- Comment #1 from Per Jessen <per@computer.org> --- (In reply to Martin Klein from comment #0)
Looks like there is a bug in SuSE's implementation of postfix tls certificate handling.
smtp_tls_CAfile = Deutsche_Telekom_Root_CA_2.pem smtp_tls_CApath = /var/lib/ca-certificates/openssl
or any other combination of CApath and CAfile does not work. The certificate (the pem-file) cannot be found.
Simply do
smtp_tls_CAfile = /var/lib/ca-certificates/openssl/Deutsche_Telekom_Root_CA_2.pem smtp_tls_CApath = /var/lib/ca-certificates/openssl
and all is well. :-)
Normally you use one or the other - CAfile or CApath. CApath is not used as a search path for CAfile. See http://www.postfix.org/postconf.5.html#smtpd_tls_CApath What ought to work is this: smtp_tls_CApath = /var/lib/ca-certificates/openssl provided you have created the hashes. -- You are receiving this mail because: You are on the CC list for the bug.