TLS configuration

vector_di

Member
Nov 18, 2019
In the process of integrating PowerMTA in Mumara, I chose TLS, but after a successful installation, when sending a letter, I saw an error for each IP:
Expected response code 220 but got code "502", with message "502 5.5.1 command not supported in "STARTTLS" "
What can I do? I understand that I have to install an SSL certificate first? But in this case, should I install a web server? Or can I install only PowerMTA + SSL?
How do I do it right? And does the presence of SSL affect the best delivery of letters?


wasif

Administrator
Staff member
Apr 9, 2019
In order to make TLS work for the SMTP connections, you need to add a certificate on the PowerMTA server and add it to the PowerMTA config. PowerMTA needs two files:

1. Certificate (Contains the certificate issued for your hostname)
2. CA (Contains the CA signed certificate and the Private key)

So you place the files anywhere on the server, e.g. /etc/pmta/certs

So the files would be

/etc/pmta/certs/cert.pem
and
/etc/pmta/certs/ca.pem

Now in the PowerMTA config, add the following lines


Code:
## Certificate ##
smtp-server-tls-certificate /etc/pmta/certs/cert.pem
smtp-server-tls-ca-file /etc/pmta/certs/ca.pem

Restart PowerMTA: service pmta restart
 
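A way to confirm the fix after the restart, added here as an example and not part of the original posts or of PowerMTA: it checks whether the listener advertises STARTTLS in its EHLO reply and whether the handshake with the installed certificate verifies. The function names and the sample replies are constructed for illustration; the host passed on the command line is whatever hostname the certificate was issued for.

```python
import smtplib
import ssl
import sys

# Constructed sample EHLO replies (not captured from a real server).
SAMPLE_BEFORE = "250-mail.example.test says hello\n250-PIPELINING\n250 SIZE 0"
SAMPLE_AFTER = "250-mail.example.test says hello\n250-STARTTLS\n250 SIZE 0"

def starttls_offered(ehlo_reply: str) -> bool:
    """True if a raw EHLO reply ("250-..." lines) lists the STARTTLS extension."""
    for line in ehlo_reply.splitlines():
        if line[:3] == "250" and line[3:4] in ("-", " "):
            words = line[4:].split()
            if words and words[0].upper() == "STARTTLS":
                return True
    return False

def diagnose(offered: bool, starttls_code) -> str:
    """Map what the server said onto the likely state of its TLS setup."""
    if offered and starttls_code == 220:
        return "ok: server accepted STARTTLS"
    if not offered:
        # A client that sends STARTTLS anyway gets an error such as the 502 above.
        return "no-tls: STARTTLS not advertised, check the certificate lines in the config"
    return f"rejected: STARTTLS advertised but refused with {starttls_code}"

def probe(host: str, port: int = 25, timeout: float = 10.0) -> str:
    """Live check: EHLO, STARTTLS, then a handshake that verifies chain and hostname."""
    ctx = ssl.create_default_context()
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            return diagnose(False, None)
        try:
            code, _ = smtp.starttls(context=ctx)
        except smtplib.SMTPResponseException as exc:
            return diagnose(True, exc.smtp_code)
        except ssl.SSLError as exc:
            return f"tls-error: handshake failed ({exc})"
        expires = smtp.sock.getpeercert().get("notAfter", "unknown")
        return f"{diagnose(True, code)}, certificate valid until {expires}"

if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(probe(sys.argv[1]))  # e.g. python check_starttls.py mail.example.test
    else:
        for name, reply in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
            print(name, "STARTTLS offered:", starttls_offered(reply))
```

A "tls-error" result means STARTTLS is enabled but the certificate chain or hostname does not verify, which receiving or relaying clients that enforce verification will also reject.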

wasif

Yes, you can!