The following certificate options can be specified in the
smtpd(8) configuration file.
ca hostname certificate cafile
Associate a custom CA certificate cafile with
Specify an alternate list of ciphers to use when establishing TLS
It is highly recommended to avoid making use of this option unless there
is a good understanding of the implications.
When not specified, only ciphers considered safe are chosen.
pki hostname certificate certfile
Associate the certificate located in certfile with
A certificate chain may be created by appending one or many certificates,
including a Certificate Authority certificate, to certfile.
Creation of certificates is documented in
pki hostname key keyfile
Associate the key located in keyfile with
The following example shows the usage of some of the certificate options
# pki setup
pki mail.example.com certificate "/etc/ssl/mail.example.com.crt"
pki mail.example.com key "/etc/ssl/private/mail.example.com.key"
# listen ports setup
listen on lo0
listen on egress port 25 tls pki mail.example.com