# postfix/smtpd No server certs available TLS won't be enabled

## hexa

```

Dec 18 16:25:22 ibm1 postfix/smtpd[15368]: warning: No server certs available. TLS won't be enabled

Dec 18 16:25:22 ibm1 postfix/smtpd[15368]: connect from unknown[10.30.30.3]

Dec 18 16:25:22 ibm1 postfix/smtpd[15368]: warning: Wrapper-mode request dropped from unknown[10.30.30.3] for service smtp. TLS context initialization failed. For details see earlier warnings in your logs.

Dec 18 16:25:22 ibm1 postfix/smtpd[15368]: disconnect from unknown[10.30.30.3]

```

Hi, i'm installing postfix+dovecot(sasl)+mysql. I'm having problems with smtp auth and ssl connections. I'm not sure where do i have to put my ssl certificates. Please advise me on that. Here are my config files and other info. BTW imap(s) login works O.K.

```

ibm1 ~ # ls -la /etc/ssl/dovecot/server.key

-r-------- 1 dovecot mail 887 Dec 11 11:38 /etc/ssl/dovecot/server.key

ibm1 ~ # ls -la /etc/ssl/dovecot/server.pem

-r-------- 1 dovecot mail 1930 Dec 11 11:38 /etc/ssl/dovecot/server.pem

ibm1 ~ # dovecot -n

# 1.1.7: /etc/dovecot/dovecot.conf

# OS: Linux 2.6.25-hardened-r10X x86_64 Gentoo Base System release 2.0.0 reiserfs

protocols: imap imaps pop3 pop3s

ssl_cert_file: /etc/ssl/dovecot/server.pem

ssl_key_file: /etc/ssl/dovecot/server.key

disable_plaintext_auth: no

login_dir: /var/run/dovecot/login

login_executable(default): /usr/libexec/dovecot/imap-login

login_executable(imap): /usr/libexec/dovecot/imap-login

login_executable(pop3): /usr/libexec/dovecot/pop3-login

login_greeting: X.

login_process_per_connection: no

login_process_size: 128

login_max_connections: 128

first_valid_uid: 8999

last_valid_uid: 9001

first_valid_gid: 8999

last_valid_gid: 9001

mail_uid: virtmail

mail_gid: virtmail

mail_location: maildir:/mailsql/mailroot/%u:INDEX=/mailsql/mailrootindex/%u

mail_executable(default): /usr/libexec/dovecot/imap

mail_executable(imap): /usr/libexec/dovecot/imap

mail_executable(pop3): /usr/libexec/dovecot/pop3

mail_plugin_dir(default): /usr/lib64/dovecot/imap

mail_plugin_dir(imap): /usr/lib64/dovecot/imap

mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3

auth default:

  mechanisms: plain login cram-md5 digest-md5

  user: virtmail

  passdb:

    driver: sql

    args: /etc/dovecot/dovecot-sql.conf

  userdb:

    driver: prefetch

  socket:

    type: listen

    client:

      path: /var/spool/postfix/private/auth

      mode: 432

      user: postfix

      group: postfix

ibm1 ~ # postconf -n

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

content_filter = smtp-amavis:[127.0.0.1]:10024

daemon_directory = /usr/lib64/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

home_mailbox = Maildir/

html_directory = /usr/share/doc/postfix-2.5.1/html

inet_interfaces = all

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

mydestination = localhost

mydomain = ibmcluster1X

myhostname = ibmcluster1X

mynetworks = 10.30.0.20/32, 10.30.0.19/32, 10.30.1.19/32, 10.30.1.20/32

myorigin = $myhostname

newaliases_path = /usr/bin/newaliases

proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps  $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains  $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps  $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks  $virtual_mailbox_limit_maps

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.5.1/readme

relay_domains = proxy:mysql:/mailsql/postfix_conf/mysql_relay_domains_maps.cf

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_mynetworks,        permit_sasl_authenticated, reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_authenticated_header = yes

smtpd_sasl_local_domain = $myhostname

smtpd_sasl_path = private/auth

smtpd_sasl_security_options = noanonymous

smtpd_sasl_type = dovecot

smtpd_sender_restrictions = reject_unknown_sender_domain, permit_mynetworks

smtpd_tls_wrappermode = yes

unknown_local_recipient_reject_code = 550

virtual_alias_maps = proxy:mysql:/mailsql/postfix_conf/mysql_virtual_alias_maps.cf

virtual_gid_maps = static:9000

virtual_mailbox_base = /mailsql/mailroot

virtual_mailbox_domains = proxy:mysql:/mailsql/postfix_conf/mysql_virtual_domains_maps.cf

virtual_mailbox_limit_maps = proxy:mysql:/mailsql/postfix_conf/mysql_virtual_mailbox_limit_maps.cf

virtual_mailbox_limit_override = yes

virtual_mailbox_maps = proxy:mysql:/mailsql/postfix_conf/mysql_virtual_mailbox_maps.cf

virtual_maildir_limit_message = Sorry, the user's mailbox has overdrawn his diskspace quota, please try again later.

virtual_minimum_uid = 8999

virtual_overquota_bounce = yes

virtual_transport = virtual

virtual_uid_maps = static:9000

```

Thank you for your time.

----------

## Exil

http://www.postfix.org/TLS_README.html#server_cert_key

Read that.

----------

## hexa

Cool. Thanx!

----------

