[Dovecot] Certificate Authority-signed certs in dovecot?
Benjamin J. Weiss
benjamin at weiss.name
Fri Jan 16 18:44:11 EET 2004
Hi!
Sorry if this has been covered. I've just started using dovecot and I've
searched via google and I've downloaded the maillist archives, but I haven't
found a solution.
I'm using Fedora Core 1, with dovecot-0.99.10-6. When I'm at work, I access
my home mail server using Outlook Express (I know, I know, but it's the only
client I'm allowed to use at work). Now, I'm able to get to my email, but I
get a warning popup box each time I connect to the server, that the
authenticity of the certificate can't be verified. I'm assuming that that's
because I am using a self-signed certificate.
Now, I'm also using postfix, and it allows for me creating my own CA
certificate, and using it to sign my own certificates. The
/etc/postfix/main.cf entries are:
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
but while I see the following two lines in /etc/dovecot.conf:
ssl_cert_file = /usr/share/ssl/certs/dovecot.pem
ssl_key_file = /usr/share/ssl/private/dovecot.pem
I don't see how to specify my CA cert.
I'm pretty much a noob when it comes to openssl, but I've been able to
follow directions to get the TLS working in both postfix and dovecot. I
just want to get rid of that annoying message. I figure that there's a way
to sign my dovecot certs with the ca cert I've already created for postfix,
and tell dovecot about it somehow. Has anybody done this?
Thanks!
Ben
More information about the dovecot
mailing list