centos7.4 全新安装系统 已卸载自带的postfix和mariadb-libs
按照官方教程安装,最后也提示重启服务器,重启后各个软件运行正常,因为是自签名ssl 导致浏览器提示不安全,但是点击继续访问,页面无法跳转。
请教这个是什么问题呢?
已解决问题,是因为chrome浏览器下面ssl证书的问题,貌似自动生成的证书chrome浏览器不认,导致无法跳转。
解决办法:安装完成重启服务器以后,进行证书的统一设置,我使用的是免费的Let's Encrypt证书,好处是下次更新证书时,postfix/Dovecot/nginx 不需要重新设置,并会一起更新。
/etc/letsencrypt/live/<domain>/ 这个目录是Let's Encrypt生成证书保存的目录。
yum install git
systemctl stop nginx
git clone https://github.com/certbot/certbot.git
./certbot-auto certonly --standalone --email support@<domain> -d <domain>
postfix设置
postconf -e smtpd_tls_cert_file='/etc/letsencrypt/live/<domain>/cert.pem'
postconf -e smtpd_tls_key_file='/etc/letsencrypt/live<domain>/privkey.pem'
postconf -e smtpd_tls_CAfile='/etc/letsencrypt/live/<domain>/fullchain.pem'
Dovecot设置 vi /etc/dovecot/dovecot.conf
ssl = required
verbose_ssl = no
#ssl_ca = </path/to/ca
#ssl_cert = </etc/pki/tls/certs/iRedMail.crt
#ssl_key = </etc/pki/tls/private/iRedMail.key
ssl_cert = </etc/letsencrypt/live/<domain>/cert.pem
ssl_key = </etc/letsencrypt/live/<domain>/privkey.pem
ssl_ca = </etc/letsencrypt/live/<domain>/fullchain.pem
nginx设置:vi /etc/nginx/templates/ssl.tmpl
ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/<domain>/privkey.pem;
重启服务:
systemctl restart postfix
systemctl restart dovecot
systemctl restart nginx