This documentation is for Dovecot v1.x, see wiki2 for v2.x documentation.
Differences between revisions 1 and 2
Revision 1 as of 2006-12-04 21:01:31
Size: 764
Editor: MarkNienberg
Comment:
Revision 2 as of 2006-12-29 07:24:14
Size: 1461
Editor: BrianKoontz
Comment: Updated for 1.0-rc15
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
Line 14: Line 13:

''Note'': The defaults above appear to have changed as of v1.0, rc15. On my Linux system, the standard '''configure/make/make install''' trinity required the following modifications to the steps above:

  * From the top-level '''dovecot-1.0.rc15''' directory, cd to '''doc'''. Edit the copy of '''dovecot-openssl.cnf''' located here.
  * The default SSL directory is '''/etc/ssl'''. If not already present, create '''/etc/ssl/certs''' and '''/etc/ssl/private'''.
  * '''chmod u+x ./mkcert.sh'''
  * Make the following modifications to '''./mkcert.sh''':
{{{
OPENSSL=openssl
SSLDIR=/etc/ssl
OPENSSLCONFIG=./dovecot-openssl.cnf
}}}
  * '''./mkcert.sh'''
  * Restart the dovecot service

Setting SSL certificate details

  • Edit /usr/share/ssl/dovecot-openssl.cnf (on some systems this will be /etc/pki/dovecot/dovecot-openssl.conf)

  • if exists, delete or rename the files /usr/share/ssl/certs/dovecot.pem and /usr/share/ssl/private/dovecot.pem (these might be in /etc/pki/dovecot/certs and /etc/pki/dovecot/private)

  • run /usr/share/doc/dovecot-[version]/examples/mkcert.sh (you may have to edit the top lines first as follows:)

OPENSSL=openssl
SSLDIR=/etc/pki/dovecot
OPENSSLCONFIG=/etc/pki/dovecot/dovecot-openssl.cnf

(if you don't want your certificate to expire in 365 days, increase the number in the $OPENSSL command at the bottom of the file)

  • restart the dovecot service

Note: The defaults above appear to have changed as of v1.0, rc15. On my Linux system, the standard configure/make/make install trinity required the following modifications to the steps above:

  • From the top-level dovecot-1.0.rc15 directory, cd to doc. Edit the copy of dovecot-openssl.cnf located here.

  • The default SSL directory is /etc/ssl. If not already present, create /etc/ssl/certs and /etc/ssl/private.

  • chmod u+x ./mkcert.sh

  • Make the following modifications to ./mkcert.sh:

OPENSSL=openssl
SSLDIR=/etc/ssl
OPENSSLCONFIG=./dovecot-openssl.cnf
  • ./mkcert.sh

  • Restart the dovecot service

None: SSL (last edited 2011-08-29 01:27:30 by TimoSirainen)