Monthly Archives: January 2016

postfix generate ssl certificate

Leave a reply

openssl genrsa -des3 -out mail.domain.tld.key 2048
chmod 600 mail.domain.tld.key
openssl req -new -key mail.domain.tld.key -out mail.domain.tld.csr
openssl x509 -req -days 365 -in mail.domain.tld.csr -signkey mail.domain.tld.key -out mail.domain.tld.crt
openssl rsa -in mail.domain.tld.key -out mail.domain.tld.key.nopass
mv mail.domain.tld.key.nopass mail.domain.tld.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
chmod 600 mail.domain.tld.key
chmod 600 cakey.pem
mv mail.domain.tld.key /etc/ssl/private/
mv mail.domain.tld.crt /etc/ssl/certs/
mv cakey.pem /etc/ssl/private/
mv cacert.pem /etc/ssl/certs/
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/ssl/private/mail.domain.tld.key'
postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/mail.domain.tld.crt'
postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
postconf -e 'myhostname = mail.example.com'

directadmin enable sftp

Leave a reply

cd /usr/local/directadmin/custombuild
./build update
./build set proftpd yes
mkdir -p custom/proftpd
wget -O custom/proftpd/configure.proftpd http://files.directadmin.com/services/all/sftp/configure.proftpd.sftp
chmod 755 custom/proftpd/configure.proftpd
./build proftpd

2) Backup old configs, and grab new ones:
cd /etc
cp proftpd.conf proftpd.conf.backup
wget -O proftpd.conf http://files.directadmin.com/services/all/sftp/proftpd.conf
wget -O proftpd.sftp.conf http://files.directadmin.com/services/all/sftp/proftpd.sftp.conf
perl -pi -e 's/\|SERVER_IP\|/1.2.3.4/' proftpd.conf
perl -pi -e 's/\|SERVER_IP\|/1.2.3.4/' proftpd.sftp.conf