[Prev] Thread [Next]  |  [Prev] Date [Next]

Re: Issues with tls_append_default_CA and *_tls_CApath Artemy Tregubenko Sun Feb 19 11:00:39 2012

On Sun, 19 Feb 2012 19:35:56 +0100, Wietse Venema <[EMAIL PROTECTED]> wrote:

Artemy Tregubenko:
> Instead of enumerating things Postfix that does not do, it would
> be more helpful to say how to achieve a concrete result:
>        To use ONLY system-supplied default certificate authority
>        certificates, specify those with *_tls_CApath or
>        *_tls_CAfile.
> I don't think this text belongs under tls_append_default_CA, though.
> It is better placed with the definition of the *_tls_CApath and
> *_tls_CAfile features themselves.

I agree, this is a better explanation and a better place for it. Would you
put it there, please?

Done.  Note that this text is applicable to all Postfix versions
including those that pre-date the tls_append_default_CA feature.