Dave's Brain


Date: 2007dec14

Q.  How do I enable SSL/TLS with Dovecot (the POP3 and IMAP server)?

A.  With RedHat/Fedora it's totally easy!

Self-signed certificates are already made for you.
So just uncomment the following lines in /etc/dovecot.conf:

	# Disable SSL/TLS support?
	ssl_disable = no

	# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
	# dropping root privileges, so keep the key file unreadable by anyone but
	# root. Included doc/mkcert.sh can be used to easily generate self-signed
	# certificate, just make sure to update the domains in dovecot-openssl.cnf
	ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
	ssl_key_file = /etc/pki/dovecot/private/dovecot.pem

Optionally, if you don't want to let anybody log in without SSL or TLS, do this:

	disable_plaintext_auth = yes

Finally, restart dovecot:

	service dovecot restart
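
A quick audit of the settings above, as an added example that is not part of the original tip or of Dovecot itself. The function names are made up for this example, and it assumes the plain "key = value" layout shown in the snippets above.

```sh
# Added example (not from the original page): check the dovecot.conf settings
# discussed above. Function names are this example's own.

# Print the value of an uncommented setting ($2) in config file ($1).
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Succeed only if the file exists and has no group/other permission bits,
# i.e. characters 5-10 of the "ls -l" mode string are all dashes.
key_is_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print one finding per line; the return code is the number of FAILs.
audit_dovecot_tls() {
    conf=$1
    problems=0
    if [ "$(conf_get "$conf" ssl_disable)" = "yes" ]; then
        echo "FAIL ssl_disable = yes (SSL/TLS is switched off)"
        problems=$((problems + 1))
    fi
    cert=$(conf_get "$conf" ssl_cert_file)
    key=$(conf_get "$conf" ssl_key_file)
    if [ -z "$cert" ] || [ ! -r "$cert" ]; then
        echo "FAIL ssl_cert_file not set here or not readable: ${cert:-<unset>}"
        problems=$((problems + 1))
    fi
    if [ -z "$key" ] || ! key_is_private "$key"; then
        echo "FAIL ssl_key_file not set here or open to group/other: ${key:-<unset>}"
        problems=$((problems + 1))
    fi
    if [ "$(conf_get "$conf" disable_plaintext_auth)" != "yes" ]; then
        echo "WARN disable_plaintext_auth is not set to yes in this file"
    fi
    return "$problems"
}
```

Source the file and run `audit_dovecot_tls /etc/dovecot.conf` as root; a non-zero return code is the number of FAIL lines.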

Don't forget to test with a mail client like Thunderbird.
Outlook doesn't like the certificate and will complain each time.
We have a way around that:
http://www.davekb.com/search.php?target=outlook

Copyright © 2008, dave - Code on Dave's Brain is licensed under the Creative Commons Attribution 2.5 License.