To install your Digital certificate on a Postfix server, you will need two files. First, you will need the private key that was created when you made your CSR. Second, you will need the .cer file from the ZIP file that was emailed to you by VikingCloud™ (this is your actual certificate).
Now that you have all three files, place them in a directory accessible by Postfix. We recommend using /etc/postfix/. Some users may want to make a directory for TLS inside the /etc/postfix/ directory.
Now that your certificates are on the filesystem, all that's left is a simple configuration change within your main.cf in the Postfix directory. Open the file with a suitable text editor - such as vi, nano, or pico - and add the following lines:
smtpd_use_tls = yes # smtpd_tls_auth_only = yes <-- Optional smtpd_tls_key_file = /etc/postfix/private.key smtpd_tls_cert_file = /etc/postfix/www.yourdomain.com.cer smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom
You can uncomment the smtpd_tls_auth_only line if you want to force all clients to use TLS encryption. Please remember - any clients without TLS capabilities will be rejected when they attempt to connect. Also, if you have issues with your installation, increase the smtpd_tls_loglevel to 3 so that you can see additional debugging information in your system log.
All that's left to do is reload Postfix's configuration. You can normally do this by running postfix reload.