From 2db9391d1775c2d79c1e4e253c3d7fc98f3bc28e Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 5 May 2022 16:31:38 +0200 Subject: surtr: ... --- hosts/surtr/email/ca/index.txt | 2 +- hosts/surtr/email/ca/serial | 2 +- hosts/surtr/email/default.nix | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/hosts/surtr/email/ca/index.txt b/hosts/surtr/email/ca/index.txt index 5010b5fe..711193b2 100644 --- a/hosts/surtr/email/ca/index.txt +++ b/hosts/surtr/email/ca/index.txt @@ -1 +1 @@ -V 320502135347Z 01 unknown /CN=gkleen +V 320502142416Z 02 unknown /CN=gkleen diff --git a/hosts/surtr/email/ca/serial b/hosts/surtr/email/ca/serial index 9e22bcb8..75016ea3 100644 --- a/hosts/surtr/email/ca/serial +++ b/hosts/surtr/email/ca/serial @@ -1 +1 @@ -02 +03 diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 95885637..aebe03db 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix @@ -121,6 +121,7 @@ with lib; command = "smtpd"; args = [ "-o" "smtpd_tls_wrappermode=yes" + "-o" "smtpd_tls_ask_ccert=yes" "-o" "smtpd_tls_req_ccert=yes" "-o" "smtpd_client_restrictions=permit_tls_all_clientcerts,reject" "-o" "smtpd_recipient_restrictions=reject_unauth_pipelining,reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_tls_all_clientcerts,reject" -- cgit v1.2.3