> rgrep smtpd_tls_cert_file /etc/postfix
/etc/postfix/main.cf:smtpd_tls_cert_file = /etc/postfix/smtpd.cert
> dovecot -n |grep ssl_cert
ssl_cert = </etc/postfix/smtpd.cert
> openssl x509 -text < /etc/postfix/smtpd.cert
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:bf:cf:bc:4a:4c:d4:66:7d:e4:1b:9e:17:d4:84:d2:69:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = Let's Encrypt, CN = R3
Validity
Not Before: Jun 7 21:58:47 2022 GMT
Not After : Sep 5 21:58:46 2022 GMT
Subject: CN = ks307144.kimsufi.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ff:a1:c9:cc:95:26:53:ac:3f:a5:fb:6a:fb:
78:52:e6:fc:12:5e:7b:08:0e:25:bf:f6:76:81:10:
ea:16:16:40:19:de:7d:72:6a:9f:1a:7d:6a:c8:47:
e5:b4:41:4c:81:2b:c7:b1:b4:db:15:52:25:31:5c:
44:f9:06:48:fe:91:59:d9:f0:ff:94:ec:ad:33:cb:
c2:50:ef:23:26:47:e7:29:e2:00:c4:49:9c:1b:58:
b9:4d:b8:c4:0e:34:d4:0a:26:6d:2c:ac:a5:a7:2b:
f4:83:dc:ac:28:20:c1:e3:4b:28:3c:fd:9d:1e:20:
63:0d:7a:b7:3b:82:81:14:69:88:0c:4d:6f:94:b0:
2d:dd:23:ab:e6:0f:61:88:8a:bf:cd:7a:3f:00:a5:
62:e1:d5:5d:80:c1:e9:65:f5:c6:1d:90:24:79:ab:
e7:ad:a5:f9:25:c3:76:63:e3:78:3f:96:9d:90:30:
3e:7a:12:c8:80:b1:ea:0a:07:a6:99:6c:56:2e:c9:
d1:ca:34:d1:72:2d:82:a6:9a:6b:0f:34:85:8d:26:
68:91:21:90:3b:43:75:56:12:e0:5a:2c:54:9a:af:
55:0c:1c:e8:e3:8b:ff:eb:e4:11:d5:08:4c:5c:78:
df:62:71:00:ff:94:00:46:2c:cb:dd:94:fe:4a:33:
c7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
81:D1:B3:CD:6E:2A:E1:63:AD:70:17:6D:B7:36:9E:37:21:03:93:B4
X509v3 Authority Key Identifier:
keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
Authority Information Access:
OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:ks307144.kimsufi.com, DNS:webologix.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
Timestamp : Jun 7 22:58:47.314 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:CA:74:3E:BF:52:7B:06:A9:B6:59:D5:
3E:5E:7B:9D:2B:89:2E:CC:FB:5D:94:68:04:C9:35:53:
EC:A5:84:45:27:02:20:71:45:E7:8B:41:7C:FB:0D:6F:
31:A7:7F:C4:A8:84:9D:55:FF:57:EE:5C:07:72:E6:FC:
41:7B:E9:D8:23:DE:65
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
Timestamp : Jun 7 22:58:47.282 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:50:EF:4F:15:D9:B9:E5:43:00:8D:6E:06:
A5:35:20:F5:0A:89:2A:18:7C:4A:B1:EF:B9:77:7A:5E:
63:16:AB:F3:02:20:15:3D:AF:33:40:73:2C:01:EE:B9:
29:EC:7A:9B:76:09:4A:FA:7C:5F:F8:1E:2D:5D:0F:92:
79:92:54:80:A2:19
Signature Algorithm: sha256WithRSAEncryption
...