Creating the Cyrus-Imapd TLS/SSL Certificate

<code>

220 mail.okia.ee ESMTP Postfix (2.4.5) EHLO Margusjas-MacBook-Pro.local 250-mail.okia.ee 250-PIPELINING 250-SIZE 10240000 250-ETRN 250-STARTTLS 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN AG1hcmd1c2phX29raWFfZWUAbWFyZ3VzamExMTI= 235 2.0.0 Authentication successful MAIL FROM:SIZE=695 250 2.1.0 Ok RCPT TO:250 2.1.5 Ok DATA 354 End data with.Message-ID: <4E57E252.9060107@okia.ee> Date: Fri, 26 Aug 2011 21:13:38 +0300 From: Margus RooUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:6.0) Gecko/20110812 Thunderbird/6.0 MIME-Version: 1.0 To: MargusjaSubject: test Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit — Margus Roo http://www.okia.ee —-BEGIN PUBLIC KEY—– MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2KPM8YjdNO39TFgU+r5rDtiB8 OgqBHBDZTUDPu6zQDxV1t+Yt9uOmQ/RGRBapxqzedHFsBoYNjqH2bt9lMoy+jCaj +OLzY/NmOUZ2+HmsFHtDGpTcAUSIa3lygnSzgzXliDsH5YGXSXXOJULsk7FJdP82 AzssW9lhmz/Vk7NVAQIDAQAB —–END PUBLIC KEY—– . 250 2.0.0 Ok: queued as 0801911A8005 QUIT 221 2.0.0 Bye

</code>

 

openssl req -new -nodes -out req.pem -keyout key.pem
openssl rsa -in key.pem -out new.key.pem
openssl x509 -in req.pem -out ca-cert -req \
-signkey new.key.pem -days 999

mkdir /var/imap

cp new.key.pem /var/imap/server.pem
rm new.key.pem
cat ca-cert >> /var/imap/server.pem

chown cyrus:mail /var/imap/server.pem
chmod 600 /var/imap/server.pem # Your key should be protected

echo tls_ca_file: /var/imap/server.pem >> /etc/imapd.conf
echo tls_cert_file: /var/imap/server.pem >> /etc/imapd.conf
echo tls_key_file: /var/imap/server.pem >> /etc/imapd.conf

 

Nojah, kontrollida saad:

openssl s_client -connect mail.okia.ee:993 < IMAPS port

openssl s_client -connect mail.okia.ee:995 <  POPS port

Leave a Reply