17 Feb
2017
17 Feb
'17
11:48 p.m.
On 2017-02-17 22:38, chaouche yacine wrote:
Seems wrong to me too, Robert. If you put your private key inside your certificate, won't it be sent to the client along with it ? This is one way of supplying cert + key to a daemon and no, the key is not sent to the client.
While it is normaly true that one doesn't want the key to have access rights other than 0600, with dovecot as the file owner of the key+cert+intermediate .pem file the access rights can be set to 0600.
-- Christian Kivalo