Monday, April 25, 2016

Install StartSSL Cert on Postfix

Remove key from key file:

openssl rsa -in xxx-multihost.key -out /etc/ssl/

copy 1_root_bundle from to /etc/ssl/startssl-ca-bundle.pem
copy 2_blah from to /etc/ssl/


smtpd_tls_CAfile = /etc/ssl/startssl-ca-bundle.pem
smtpd_tls_cert_file = /etc/ssl/
smtpd_tls_key_file = /etc/ssl/

restart postfix "service postfix restart"

test using:

Install StartSSL Certificate on Dovecot IMAP Server

wget -O

cat www_certificate.pem > /etc/ssl/certs/dovecot.pem

cat www_privatekey.pem > /etc/ssl/private/dovecot.pem

chown root:ssl-cert /etc/ssl/private/dovecot.pem

chmod 644 /etc/ssl/private/dovecot.pem

chown root:root /etc/ssl/certs/dovecot.pem

chmod 444 /etc/ssl/certs/dovecot.pem

In /etc/dovecot/conf.d/10-ssl.conf

ssl_cert_file = /etc/ssl/certs/dovecot.pem

ssl_key_file = /etc/ssl/private/dovecot.pem

wget -O /tmp/ca.pem

openssl s_client -CAfile /tmp/ca.pem -connect