SSL Authentification

Chris Fleming me at chrisfleming.org
Tue Apr 2 11:18:06 CEST 2013


On Sun, Mar 31, 2013 at 12:38:24PM +0200, Jack Smith wrote:
> Hello everyone,
> 
> can anyone please help me in setting up my Kolab 3 installation to use 
> my SSL certificates? I documentation about this issue is rather scarce. 
> I have a .crt, a .key and a .ca file (intermediate certificate) for my 
> server from an official certificate authority. How do i persuade my 
> kolab server to use these certificates, so my thunderbird does not 
> complain about untrusted certificates when trying to connect to an email 
> account?

This is "simply" a case of telling the various components about the certificates.

These are postfix (for smtp):

In /etc/postfix/main.cf
smtpd_tls_key_file = /etc/pki/CA/certs/server.pem
smtpd_tls_cert_file = /etc/pki/CA/certs/server.pem


For imap: 

/etc/imapd.conf

tls_cert_file: /etc/pki/CA/certs/server.pem
tls_key_file: /etc/pki/CA/certs/server.pem
tls_ca_file: /etc/pki/CA/certs/server.pem

I think setting up apache was more complicated, but there is a fair amount of information online. Have a look and let me know if you're still haveing trouble.

The .pem files are container files, in my case they contain my certificate followed by the intermediate certificate.

-----BEGIN CERTIFICATE-----
<Contents of my crt>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<contents of intermediatre certificate>
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
<contents of key>
-----END PRIVATE KEY-----

Hope that helps!

Cheers
Chris

-- 
e: me at chrisfleming.org
w: http://www.chrisfleming.org/




More information about the users mailing list