SSL Authentification
Chris Fleming
me at chrisfleming.org
Tue Apr 2 11:18:06 CEST 2013
On Sun, Mar 31, 2013 at 12:38:24PM +0200, Jack Smith wrote:
> Hello everyone,
>
> can anyone please help me in setting up my Kolab 3 installation to use
> my SSL certificates? I documentation about this issue is rather scarce.
> I have a .crt, a .key and a .ca file (intermediate certificate) for my
> server from an official certificate authority. How do i persuade my
> kolab server to use these certificates, so my thunderbird does not
> complain about untrusted certificates when trying to connect to an email
> account?
This is "simply" a case of telling the various components about the certificates.
These are postfix (for smtp):
In /etc/postfix/main.cf
smtpd_tls_key_file = /etc/pki/CA/certs/server.pem
smtpd_tls_cert_file = /etc/pki/CA/certs/server.pem
For imap:
/etc/imapd.conf
tls_cert_file: /etc/pki/CA/certs/server.pem
tls_key_file: /etc/pki/CA/certs/server.pem
tls_ca_file: /etc/pki/CA/certs/server.pem
I think setting up apache was more complicated, but there is a fair amount of information online. Have a look and let me know if you're still haveing trouble.
The .pem files are container files, in my case they contain my certificate followed by the intermediate certificate.
-----BEGIN CERTIFICATE-----
<Contents of my crt>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<contents of intermediatre certificate>
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
<contents of key>
-----END PRIVATE KEY-----
Hope that helps!
Cheers
Chris
--
e: me at chrisfleming.org
w: http://www.chrisfleming.org/
More information about the users
mailing list