From 14a3a6a2c1e5bbee59537d542ec65d21f542e8ad Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Tue, 13 Jun 2023 16:32:54 -0700
Subject: [PATCH] smtp-mm / base / postfix: use gateway-chain cert

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/base/files/postfix/main.cf/main.cf.smtp-mm | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/roles/base/files/postfix/main.cf/main.cf.smtp-mm b/roles/base/files/postfix/main.cf/main.cf.smtp-mm
index b740359b9e..13ccf94b6e 100644
--- a/roles/base/files/postfix/main.cf/main.cf.smtp-mm
+++ b/roles/base/files/postfix/main.cf/main.cf.smtp-mm
@@ -712,8 +712,7 @@ smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5, RC4
 #tls_ssl_options = no_ticket, no_compression
 
 smtpd_tls_loglevel = 1
-smtpd_tls_cert_file = /etc/pki/tls/certs/gateway.crt
-smtpd_tls_key_file =  /etc/pki/tls/private/gateway.key
+smtpd_tls_chain_files = /etc/pki/tls/private/gateway-chain.pem
 smtpd_tls_CAfile  =   /etc/pki/tls/certs/ca-bundle.crt
 smtpd_tls_session_cache_timeout = 3600s
 smtpd_tls_session_cache_database        = btree:${queue_directory}/smtpd_scache
@@ -734,8 +733,7 @@ smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
 smtp_tls_mandatory_ciphers = high
 smtp_tls_mandatory_exclude_ciphers= aNULL, MD5, RC4
 smtp_tls_loglevel = 1
-smtp_tls_cert_file = /etc/pki/tls/certs/gateway.crt
-smtp_tls_key_file = /etc/pki/tls/private/gateway.key
+smtp_tls_chain_files = /etc/pki/tls/private/gateway-chain.pem
 smtp_tls_CAfile  = /etc/pki/tls/certs/ca-bundle.crt
 
 # Deny email from some domains