932
edits
Changes
m
Creating the directories that are required for these commands to work.
#Let's start with the "sending" SMTP server we have on VM2. Run the following, replacing <u>andrewsmith.org</u> with '''<u>your</u> domain name''':
<source lang="bash">mkdir -p /root/postfix-keys /etc/ssl/{private,certs}cd /root/postfix-keys
openssl genrsa -des3 -out vm2.andrewsmith.org.key 2048
chmod 600 vm2.andrewsmith.org.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
chmod 600 vm2.andrewsmith.org.key cakey.pem
cp vm2.andrewsmith.org.key cakey.pem /etc/ssl/private/cp vm2.andrewsmith.org.crt cacert.pem /etc/ssl/certs/</source>
::'''NOTE:''' Those commands will create a certificate, a certificate signing request, a certificate authority, and a sign your certificate with your certificate authority.<br>This would be the same as in the real world except there you would contact a real CA, here you're making up your own.