Postfix should check the LDAP certficate as well.

2016-03-03 08:19:18 +01:00 · 2016-03-03 08:19:18 +01:00 · f70a7dbbdd
parent 1cdb5750dc
commit f70a7dbbdd
2 changed files with 4 additions and 4 deletions
--- a/roles/mail/templates/postfix/ldap-aliases.cf.j2
+++ b/roles/mail/templates/postfix/ldap-aliases.cf.j2
@ -1,6 +1,6 @@
 server_host = {{ ldap_uri }}
-#tls_ca_cert_file = TODO
-#tls_require_cert = yes
+tls_ca_cert_file = {{ ldap_ca }}
+tls_require_cert = yes
 bind = yes
 bind_dn = {{ ldap_binddn }}
 bind_pw = {{ ldap_bindpw }}
--- a/roles/mail/templates/postfix/ldap-virtual-maps.cf.j2
+++ b/roles/mail/templates/postfix/ldap-virtual-maps.cf.j2
@ -1,6 +1,6 @@
 server_host = {{ ldap_uri }}
-#tls_ca_cert_file = TODO
-#tls_require_cert = yes
+tls_ca_cert_file = {{ ldap_ca }}
+tls_require_cert = yes
 bind = yes
 bind_dn = {{ ldap_binddn }}
 bind_pw = {{ ldap_bindpw }}