{"id":326,"date":"2015-03-11T12:42:12","date_gmt":"2015-03-11T06:42:12","guid":{"rendered":"https:\/\/workit.kz\/?p=326"},"modified":"2015-03-11T12:42:12","modified_gmt":"2015-03-11T06:42:12","slug":"clearos-startssl-postfix-cyrus","status":"publish","type":"post","link":"https:\/\/workit.kz\/?p=326","title":{"rendered":"ClearOS StartSSL Postfix (Cyrus)"},"content":{"rendered":"<p>&#160;\u0414\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0432 Postfix \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 StartSSL, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e:<\/p>\r\n<ul>\r\n    <li>imap \u0438 smtp \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0432\u0430\u0448\u0435\u0433\u043e \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438<\/li>\r\n    <li>imap \u0438 smtp \u043a\u043b\u044e\u0447\u0438 \u0432\u0430\u0448\u0435\u0433\u043e \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438<\/li>\r\n    <li>\u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 StartSSL (<a href=\"http:\/\/www.startssl.com\/certs\/ca-bundle.crt\">ca-bundle.crt<\/a>)<\/li>\r\n<\/ul>\r\n<!--more-->\r\n<p>\u041a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 \u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b:<\/p>\r\n<pre>\r\n# cp ca-bundle.crt \/etc\/pki\/tls\/certs\/\r\n# mkdir \/etc\/pki\/postfix\r\n# cp smtp.pem smtp.key \/etc\/pki\/postfix\r\n# cp imap.pem imap.key \/etc\/pki\/postfix<\/pre>\r\n<p>\u0412\u043d\u043e\u0441\u0438\u043c \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0444\u0430\u0439\u043b \/etc\/postfix\/main.cf<\/p>\r\n<pre>\r\nsmtpd_use_tls = yes\r\nsmtpd_tls_CAfile = \/etc\/pki\/tls\/certs\/ca-bundle.crt\r\nsmtpd_tls_cert_file = \/etc\/pki\/postfix\/smtp.pem\r\nsmtpd_tls_key_file = \/etc\/pki\/postfix\/smtp.key\r\nsmtpd_tls_session_cache_database=btree:\/var\/lib\/postfix\/smtpd_tls_session_cache\r\nsmtpd_tls_loglevel = 1\r\nsmtpd_tls_received_header = yes\r\nsmtpd_tls_auth_only = no\r\ntls_random_source = dev:\/dev\/urandom<\/pre>\r\n<p>\u041f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u043c \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438&#160;\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b:<\/p>\r\n<pre>\r\n# openssl s_client -starttls smtp -showcerts -connect localhost:25<\/pre>\r\n<p>\u0412\u043d\u043e\u0441\u0438\u043c \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0444\u0430\u0439\u043b \/etc\/imapd.conf<\/p>\r\n<pre>\r\ntls_cert_file: \/etc\/pki\/postfix\/imap.pem\r\ntls_key_file: \/etc\/pki\/postfix\/imap.key\r\ntls_ca_file: \/etc\/pki\/tls\/certs\/ca-bundle.crt<\/pre>\r\n<p>\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c Postfix:<\/p>\r\n<pre>\r\n# service postfix restart<\/pre>\r\n","protected":false},"excerpt":{"rendered":"<p>&#160;\u0414\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0432 Postfix \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 StartSSL, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e: imap \u0438 smtp \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0432\u0430\u0448\u0435\u0433\u043e \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438 imap \u0438 smtp \u043a\u043b\u044e\u0447\u0438 \u0432\u0430\u0448\u0435\u0433\u043e \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 StartSSL (ca-bundle.crt)<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,16,2,1],"tags":[26,17,19],"_links":{"self":[{"href":"https:\/\/workit.kz\/index.php?rest_route=\/wp\/v2\/posts\/326"}],"collection":[{"href":"https:\/\/workit.kz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/workit.kz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/workit.kz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/workit.kz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=326"}],"version-history":[{"count":7,"href":"https:\/\/workit.kz\/index.php?rest_route=\/wp\/v2\/posts\/326\/revisions"}],"predecessor-version":[{"id":333,"href":"https:\/\/workit.kz\/index.php?rest_route=\/wp\/v2\/posts\/326\/revisions\/333"}],"wp:attachment":[{"href":"https:\/\/workit.kz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/workit.kz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/workit.kz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}