Net validating x509 certificates
We assume that the certificate for "server.example.com" was issued by "intermediate CA" which itself has a certificate issued by "root CA". With legacy public CA trust verification, you can omit the root certificate from the "server.pem" certificate file.

You must allow sufficient time for any TLSA RRsets with only the old digest to expire from DNS caches. The safest practice is to wait until the DNSSEC signature on the previous TLSA RRset expires, and only then switch the server to use new keys published in the updated TLSA RRset.

Assuming that OpenSSL is written as carefully as Wietse's own code, every 1000 lines introduce one additional bug into Postfix.

The diagram below shows the main elements of the Postfix TLS architecture and their relationships.

For servers that are not public Internet MX hosts, Postfix supports configurations with no certificates. This entails the use of just the anonymous TLS ciphers, which are not supported by typical SMTP clients.
RSA, DSA and ECDSA (Postfix ≥ 2.6) certificates are supported. You can configure all three at the same time, in which case the ciphersuite negotiated with the remote SMTP client determines which certificate is used.

The certificate and private key may be in the same file, in which case the certificate file should be owned by "root" and not be readable by any other user. If the key is stored separately, this access restriction applies to the key file only, and the certificate file may be "world-readable".

Failure to verify certificates per the server's published TLSA records will typically cause the SMTP client to defer mail delivery.
The foregoing also applies to "2 0 2" and "2 1 2" TLSA records or any other digest of a CA certificate, but it is expected that SHA256 will be by far the most common digest for TLSA.
To verify the Postfix SMTP server certificate, the remote SMTP client must receive the issuing CA certificates via the TLS handshake or via public-key infrastructure.
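The TLSA rules above (a client defers mail when the server's certificate does not match the published TLSA RRset, "2 x y" records digest a CA certificate, and an RRset must carry both old and new digests across a key rollover) can be made concrete with a small matcher. The following is an added example, not code from Postfix or its documentation. The RFC 6698 field meanings used (usage 2 = DANE-TA, usage 3 = DANE-EE, selector 0 = full certificate, selector 1 = SubjectPublicKeyInfo, matching type 1 = SHA-256, matching type 2 = SHA-512) are taken from the RFC, not from the page. The "certificate" and "SPKI" inputs are constructed byte strings standing in for DER data; real code would extract the SubjectPublicKeyInfo from the DER certificate with an ASN.1 parser, and a usage-2 match would additionally require the chain to verify up to that CA.

```python
"""TLSA record construction and matching (added example, RFC 6698 field values).

The byte strings below are constructed stand-ins for DER-encoded data.
"""
import hashlib
from dataclasses import dataclass

# RFC 6698 field values (from the RFC, not from the Postfix page).
USAGE_TRUST_ANCHOR = 2      # DANE-TA: digest of a CA certificate ("2 0 1", "2 1 2", ...)
USAGE_DOMAIN_ISSUED = 3     # DANE-EE: digest of the server's own certificate
SELECTOR_FULL_CERT = 0      # whole certificate
SELECTOR_SPKI = 1           # SubjectPublicKeyInfo only
MATCH_FULL = 0              # raw data, no digest
MATCH_SHA256 = 1
MATCH_SHA512 = 2
_DIGESTS = {MATCH_SHA256: hashlib.sha256, MATCH_SHA512: hashlib.sha512}

# Constructed sample "DER" blobs (not real certificates).
CERT_OLD, SPKI_OLD = b"constructed-cert:server.example.com:old", b"constructed-spki:old-key"
CERT_NEW, SPKI_NEW = b"constructed-cert:server.example.com:new", b"constructed-spki:new-key"
CA_CERT, CA_SPKI = b"constructed-cert:intermediate CA", b"constructed-spki:intermediate-key"


@dataclass(frozen=True)
class Tlsa:
    usage: int
    selector: int
    mtype: int
    data_hex: str

    def rdata(self) -> str:
        """Presentation form, e.g. '3 1 1 <64 hex chars>'."""
        return f"{self.usage} {self.selector} {self.mtype} {self.data_hex}"


def association_data(selector: int, cert_der: bytes, spki_der: bytes) -> bytes:
    """Select which bytes the record covers (whole cert or SPKI)."""
    if selector == SELECTOR_FULL_CERT:
        return cert_der
    if selector == SELECTOR_SPKI:
        return spki_der
    raise ValueError(f"unknown selector {selector}")


def make_tlsa(usage: int, selector: int, mtype: int, cert_der: bytes, spki_der: bytes) -> Tlsa:
    """Build the TLSA record a zone operator would publish for this cert."""
    raw = association_data(selector, cert_der, spki_der)
    if mtype == MATCH_FULL:
        digest = raw
    elif mtype in _DIGESTS:
        digest = _DIGESTS[mtype](raw).digest()
    else:
        raise ValueError(f"unknown matching type {mtype}")
    return Tlsa(usage, selector, mtype, digest.hex())


def parse_tlsa(text: str) -> Tlsa:
    """Parse the presentation form back into a record (hex normalised to lower case)."""
    usage, selector, mtype, data_hex = text.split()
    return Tlsa(int(usage), int(selector), int(mtype), data_hex.lower())


def tlsa_matches(record: Tlsa, cert_der: bytes, spki_der: bytes) -> bool:
    """True if the presented certificate bytes satisfy this one record."""
    candidate = make_tlsa(record.usage, record.selector, record.mtype, cert_der, spki_der)
    return candidate.data_hex == record.data_hex


def chain_matches(records, chain) -> bool:
    """Client-side check: `chain` is a list of (cert_der, spki_der), end-entity first.

    Usage 3 records are compared with the end-entity certificate only; usage 2
    records with any issuer in the chain.  (Real DANE-TA processing also needs
    the chain to verify up to that issuer; omitted here.)  A False result is
    what makes a DANE-aware client defer delivery.
    """
    for rec in records:
        if rec.usage == USAGE_DOMAIN_ISSUED and tlsa_matches(rec, *chain[0]):
            return True
        if rec.usage == USAGE_TRUST_ANCHOR and any(tlsa_matches(rec, *c) for c in chain[1:]):
            return True
    return False


def rollover_rrset() -> list:
    """RRset published during a key rollover: old and new "3 1 1" digests together."""
    return [make_tlsa(3, 1, 1, CERT_OLD, SPKI_OLD), make_tlsa(3, 1, 1, CERT_NEW, SPKI_NEW)]


if __name__ == "__main__":
    for rec in rollover_rrset():
        print("_25._tcp.server.example.com. IN TLSA", rec.rdata())
    print("new chain accepted:", chain_matches(rollover_rrset(), [(CERT_NEW, SPKI_NEW), (CA_CERT, CA_SPKI)]))
```

Publishing both digests, as `rollover_rrset` does, is what lets the server switch keys without clients that still hold the old RRset deferring mail; the single-digest RRset that the text warns about would make `chain_matches` return False for whichever key the cached RRset does not cover.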