It is possible to make an encrypted SMTP connection using a trusted TLS on postfix when using our mail relay services. This can be configured with a few configuration changes in your postfix configuration.
1. We can simply configure it by pointing the certificate file location in the postfix configuration.
# nano /etc/postfix/main.cf
2. Find the line starts with smtp_tls_CAfile.
3. If it is not thereby default, please add it and point the certificate file location as mentioned below and save the file:
smtp_tls_CAfile = /etc/postfix/ssl.pem
4. Create the file '/etc/postfix/ssl.pem' and add the certificate information:
# nano /etc/postfix/ssl.pem
-----BEGIN CERTIFICATE-----
MIICxzCCAjCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCENhbXBiZWxsMRswGQYDVQQK
ExJCYXJyYWN1ZGEgTmV0d29ya3MxFDASBgNVBAsTC0VuZ2luZWVyaW5nMTMwMQYD
VQQDFCpCYXJyYWN1ZGEvZW1haWxBZGRyZXNzPXNhbGVzQGJhcnJhY3VkYS5jb20w
HhcNMTEwOTI5MTQzMjU3WhcNMzEwOTI0MTQzMjU3WjCBnTELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCENhbXBiZWxsMRswGQYDVQQK
ExJCYXJyYWN1ZGEgTmV0d29ya3MxFDASBgNVBAsTC0VuZ2luZWVyaW5nMTMwMQYD
VQQDFCpCYXJyYWN1ZGEvZW1haWxBZGRyZXNzPXNhbGVzQGJhcnJhY3VkYS5jb20w
gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO96EuFDTOg1phLStKpICyTkvlmy
E9VaJKOlZwbFBsEFSspy4KUYGO1gdUerPSfOjgVYA67a9vuQP9mM2b5dN4rzd3VQ
VVB7GhnftbuZhyuPPj0Zb3I0ILoJToOiN4qPeNSqGuq3Snk7T4ZybaZYgI622kJM
32xXnNX4dNFOrWopAgMBAAGjFTATMBEGCWCGSAGG+EIBAQQEAwIGQDANBgkqhkiG
9w0BAQUFAAOBgQDcyAs1a9kFVoIaKh6h3uSxfK9Eyb4A2JI8A8cimac8GMdNtVvt
Rd/CEFvYwQoS/w7+EpChmly/lVQUnk4uA8jDOypd+ELSdSN6E9cQaY4UK3anK80W
0mVgwHRzqY0Qgw+0rSi6zvMdK4m9Jiy+i74zHNR06bkVUaEsOGtMvUpr6w==
-----END CERTIFICATE-----
5. Save and exit the file and you are done. Restart the postfix server to take effect the changes.
