On Tue, 2006-01-24 at 21:10 -0800, harryp@dmsnev.com wrote:
I am running a production server with 40 pop3 users using dovecot 0.99.14. I am trying to get a chained certificate installed that I purchased through godaddy.com. I need some clarification on how to do this. I found some really vague instructions on the dovecot wiki http://wiki.dovecot.org/ChainedSSLCertificates?highlight=%28chained%29 Unfortunately these instructions are very confusing for me.
Well, I'm not sure how to say it much clearer. And I haven't tried it myself either, but it should be done in Dovecot the same way as it's done with every other server using OpenSSL. You could try to look up the same instructions for eg. Apache, Postfix, or whatever server.
But as far as I know, it should work just by putting all the certificates in the chain into a single file, and pointing Dovecot to read that file as the certificate. So the cert file would be something like:
-----BEGIN CERTIFICATE----- first cert -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- second cert -----END CERTIFICATE-----
Hmm. I agree that the example names in the Wiki page can be a bit difficult to understand, unless you know what they mean. I'd guess it means there that Globalsign partners has signed TDC's CA certificate, which has signed TDC SSL Server CA's certificate, which has signed Local server public certificate.