How to replicate the bug:
Virtualmin -> server.example.com -> Server Configuration -> Manage SSL Certificate -> Let's Encrypt -> Request Certificate
Virtualmin -> server.example.com -> Server Configuration -> Manage SSL Certificate -> Current Certificate -> Copy to Postfix
Copying certificate and key to Postfix files ..
.. wrote out certificate in /etc/postfix/postfix.cert.pem and key in /etc/postfix/postfix.key.pem
Enabling SSL in Postfix configuration ..
Testing with (url censored*) gives error message:
Cert NOT VALIDATED: unable to get local issuer certificate
[this may help: What Is An Intermediate Certificate
So email is encrypted but the domain is not verified
When I go to
Webmin -> Servers -> Postfix Mail Server -> SMTP Authentication And Encryption I see this:
Enable TLS encryption? (*) Yes ( ) No
TLS certificate file ( ) None (*) [etc/postfix/postfix.cert.pem]
TLS private key file ( ) None (*) [/etc/postfix/postfix.key.pem]
TLS certificate authority file ( ) None (*) [ ]
TLS certificate authority file is empty and the radio button is on the right side (by default).
When I click on [Save and Apply] without changing anything it gives error (like expected):
Failed to save SMTP authentication and encryption : Missing or invalid TLS certificate authority file
When I change this part like this:
TLS certificate authority file (* ) None ( ) [ ]
there is no error message (Failed to save...), but it does not work (Cert NOT VALIDATED).
There is no file
When I try this:
# cat /home/server.example.com/ssl.ca > /etc/postfix/postfix.ca.pem
And change these settings:
TLS certificate authority file ( ) None (*) /etc/postfix/postfix.ca.pem
And click on [Save and Apply], it works (Cert VALIDATED: ok).
The problem is that Virtualmin is not creating the
/etc/postfix/postfix.ca.pem file and not filling the corresponding field in the form.
- I am not posting the url of the app I use to test the server, because I often have issues with anti-spam software on your website. Don't want to trigger it again.