Validate LDAPS queries in Postfix with IPA CA #454

@jb3

Now that lovelace is enrolled, we can use the automatically collected /etc/ipa/ca.crt file to validate the LDAPS connection.

This is dead simple to set up: all it needs is for the LDAP tables used by Postfix to have the following lines added:

tls_ca_cert_file = /etc/ipa/ca.crt
tls_require_cert = yes

(Source: https://www.postfix.org/ldap_table.5.html)

Once implemented, it should be validated that the lookups still work with a query like:

joe@lovelace:~$ sudo postmap -q [email protected] ldap:/etc/postfix/ldap-registeredaddress.cf
[email protected]
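
The following is an added example, not part of the original issue or the project's Ansible code: a small audit that parses a Postfix LDAP table and reports which settings still leave the LDAPS lookup unvalidated. The function names, the sample tables and the `example.org` hostnames are assumptions made for illustration; the `version = 3` and `start_tls` checks come from ldap_table(5) rather than from the issue.

```python
import re

EXPECTED_CA = "/etc/ipa/ca.crt"  # CA path named in the issue

def parse_ldap_table(text):
    """Parse 'name = value' lines; a line starting with whitespace continues the previous one."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace():
            if last:
                params[last] += " " + raw.strip()
            continue
        name, sep, value = raw.partition("=")
        if sep:
            last = name.strip()
            params[last] = value.strip()
    return params

def audit_ldap_table(text, expected_ca=EXPECTED_CA):
    """Return the names of settings that leave the LDAP lookup unvalidated."""
    p = parse_ldap_table(text)
    findings = []
    hosts = re.split(r"[\s,]+", p.get("server_host", "localhost"))
    start_tls = p.get("start_tls", "no").lower() == "yes"
    if not start_tls and any(not h.startswith("ldaps://") for h in hosts):
        findings.append("server_host")       # some server is reached without TLS
    if p.get("version", "2") != "3":
        findings.append("version")           # ldap_table(5): TLS needs version = 3
    if p.get("tls_ca_cert_file") != expected_ca:
        findings.append("tls_ca_cert_file")  # server cert not checked against the IPA CA
    if p.get("tls_require_cert", "no").lower() != "yes":
        findings.append("tls_require_cert")  # default "no" accepts any certificate
    return findings

# Constructed sample tables (hostnames and search settings are placeholders).
BEFORE = """\
# ldap-registeredaddress.cf before the change
server_host = ldaps://ipa1.example.org
    ldaps://ipa2.example.org
version = 3
query_filter = (mail=%s)
"""
AFTER = BEFORE + "tls_ca_cert_file = /etc/ipa/ca.crt\ntls_require_cert = yes\n"

if __name__ == "__main__":
    for label, table in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_ldap_table(table) or "ok")
```

An empty result only shows the table is configured for validation; the `postmap -q` lookup above is still what confirms the certificate chain is accepted in practice.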
