HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   Courier-IMAP/Courier-POP3 SSL-Certificates (http://www.howtoforge.com/forums/showthread.php?t=1168)

n2s 7th November 2005 18:26

Courier-IMAP/Courier-POP3 SSL-Certificates
 
Hi all,

I still have some newbie questions. As far as I understood, IMAP/POP uses default certificates for a secure connection (signed to localhost). How do I create new ones (using Suse 9.3) belonging to mydomain.tld to avoid warnings from email clients?

Thanks in advance, specially to Falko and Till for their great work! It would never be possible for me to set up my server so fast without your howto and ISPConfig . :D
n2s

P.s.: There is a security update for ClamAV, is there a (easy) way I upgrade the version that comes with ISPConfig?

falko 8th November 2005 09:49

Quote:

Originally Posted by n2s
Hi all,

I still have some newbie questions. As far as I understood, IMAP/POP uses default certificates for a secure connection (signed to localhost). How do I create new ones (using Suse 9.3) belonging to mydomain.tld to avoid warnings from email clients?

Which POP3/IMAP server do you use? Is it Courier?

Quote:

Originally Posted by n2s
P.s.: There is a security update for ClamAV, is there a (easy) way I upgrade the version that comes with ISPConfig?

This will be in the next ISPConfig release, it's already in the SVN version.
But if you don't want to wait, then unpack the ISPConfig sources and have a look at the script install_ispconfig/compile_aps/compile. There you find the instructions on how to compile ClamAV.

n2s 8th November 2005 14:31

Quote:

Originally Posted by falko
Which POP3/IMAP server do you use? Is it Courier?

Yes, Courier-IMAP/POP3 (I followed your Suse 9.3. howto). And the IMAP server uses a "automatically-generated IMAP SSL key" from the courier mail server. I don't know how I could replace these POP3/IMAP SSL certficates.
Quote:

Originally Posted by falko
This will be in the next ISPConfig release, it's already in the SVN version.
But if you don't want to wait, then unpack the ISPConfig sources and have a look at the script install_ispconfig/compile_aps/compile. There you find the instructions on how to compile ClamAV.

Thanks!
n2s

falko 8th November 2005 15:35

Quote:

Originally Posted by n2s
Yes, Courier-IMAP/POP3 (I followed your Suse 9.3. howto). And the IMAP server uses a "automatically-generated IMAP SSL key" from the courier mail server. I don't know how I could replace these POP3/IMAP SSL certficates.

Please run
Code:

updatedb
locate courier

and post the output here so that I can see which courier-related programs are available on your system.

n2s 8th November 2005 15:56

Quote:

Originally Posted by falko
Please run
Code:

updatedb
locate courier

and post the output here so that I can see which courier-related programs are available on your system.

The output from locate courier:
Code:

/etc/courier
/etc/courier/authdaemonrc
/etc/courier/authdaemonrc.dist
/etc/courier/imapd
/etc/courier/imapd-ssl
/etc/courier/imapd-ssl.dist
/etc/courier/imapd.cnf
/etc/courier/imapd.dist
/etc/courier/pop3d
/etc/courier/pop3d-ssl
/etc/courier/pop3d-ssl.dist
/etc/courier/pop3d.cnf
/etc/courier/pop3d.dist
/etc/courier/quotawarnmsg.example
/etc/init.d/courier-authdaemon
/etc/init.d/courier-imap
/etc/init.d/courier-imap-ssl
/etc/init.d/courier-pop3
/etc/init.d/courier-pop3-ssl
/etc/init.d/rc3.d/K09courier-imap
/etc/init.d/rc3.d/K09courier-imap-ssl
/etc/init.d/rc3.d/K09courier-pop3
/etc/init.d/rc3.d/K09courier-pop3-ssl
/etc/init.d/rc3.d/K10courier-authdaemon
/etc/init.d/rc3.d/S12courier-authdaemon
/etc/init.d/rc3.d/S13courier-imap
/etc/init.d/rc3.d/S13courier-imap-ssl
/etc/init.d/rc3.d/S13courier-pop3
/etc/init.d/rc3.d/S13courier-pop3-ssl
/etc/init.d/rc5.d/K09courier-imap
/etc/init.d/rc5.d/K09courier-imap-ssl
/etc/init.d/rc5.d/K09courier-pop3
/etc/init.d/rc5.d/K09courier-pop3-ssl
/etc/init.d/rc5.d/K10courier-authdaemon
/etc/init.d/rc5.d/S12courier-authdaemon
/etc/init.d/rc5.d/S13courier-imap
/etc/init.d/rc5.d/S13courier-imap-ssl
/etc/init.d/rc5.d/S13courier-pop3
/etc/init.d/rc5.d/S13courier-pop3-ssl
/home/admispconfig/ispconfig/web/phpmyadmin/libraries/fpdf/font/courier.php
/root/Maildir/courierpop3dsizelist
/usr/lib/courier-imap
/usr/lib/courier-imap/authlib
/usr/lib/courier-imap/authlib/authdaemon
/usr/lib/courier-imap/authlib/authdaemond
/usr/lib/courier-imap/authlib/authdaemond.plain
/usr/lib/courier-imap/couriertcpd
/usr/lib/courier-imap/makedatprog
/usr/sbin/courierlogger
/usr/sbin/couriertls
/usr/sbin/rccourier-authdaemon
/usr/sbin/rccourier-imap
/usr/sbin/rccourier-imap-ssl
/usr/sbin/rccourier-pop3
/usr/sbin/rccourier-pop3-ssl
/usr/share/courier-imap
/usr/share/courier-imap/configlist
/usr/share/courier-imap/configlist.ldap
/usr/share/courier-imap/imapd.pem
/usr/share/courier-imap/makeuserdb
/usr/share/courier-imap/mkimapdcert
/usr/share/courier-imap/mkpop3dcert
/usr/share/courier-imap/pop3d.pem
/usr/share/courier-imap/pw2userdb
/usr/share/courier-imap/sysconftool
/usr/share/courier-imap/userdb
/usr/share/courier-imap/vchkpw2userdb
/usr/share/doc/packages/courier-imap
/usr/share/doc/packages/courier-imap/AUTHORS
/usr/share/doc/packages/courier-imap/BUGS
/usr/share/doc/packages/courier-imap/COPYING
/usr/share/doc/packages/courier-imap/README
/usr/share/doc/packages/courier-imap/README.authdebug.html
/usr/share/doc/packages/courier-imap/README.authdebug.html.in
/usr/share/doc/packages/courier-imap/README.authmysql.html
/usr/share/doc/packages/courier-imap/README.authmysql.myownquery
/usr/share/doc/packages/courier-imap/README.authpostgres.html
/usr/share/doc/packages/courier-imap/README.imap
/usr/share/doc/packages/courier-imap/README.ldap
/usr/share/doc/packages/courier-imap/README.maildirquota
/usr/share/doc/packages/courier-imap/README.sharedfolders
/usr/share/man/man1/courierlogger.1.gz
/usr/share/man/man1/couriertcpd.1.gz
/usr/share/man/man8/courier-imapd.8.gz
/var/run/authdaemon.courier-imap
/var/run/authdaemon.courier-imap/pid
/var/run/authdaemon.courier-imap/pid.lock
/var/run/authdaemon.courier-imap/socket
/var/run/couriersslcache


falko 8th November 2005 19:02

I guess mkimapdcert and mkpop3dcert are the commands that you have to run.

Run
Code:

man mkimapdcert
and
Code:

man mkpop3dcert
to find out how to use them.

n2s 8th November 2005 19:41

Quote:

Originally Posted by falko
Run
Code:

man mkimapdcert
and
Code:

man mkpop3dcert
to find out how to use them.

Oh yes, reading man pages make life a lot easier :D. Actually I tried to use mkimapdcert before, but I have overlooked the .cnf files!

Everything is in order now, thanks!

wr19026 16th August 2006 16:51

So how would I go about this if I have more than one domain? What I want to do is use Courier IMAP SSL (as per the Ubuntu 6.06 Perfect Setup) with ISPConfig, and avoid that any of the mail users gets the annoying popup when connecting using Thunderbird, Outlook etc.

I'm using the mail.domain.dom logic, and would require certificates for 4 domains that I currently host.

Thanks in advance for pointing me in the right direction!

falko 17th August 2006 17:07

Create certificates for one FQDN, something like pop.example.com or imap.example.com, and make your users use this FQDN in their email clients.

tjd 28th November 2006 21:21

generate certs for postfix-dovecot
 
My postfix/dovecot system (fedora 6) has much the same problems as those earlier in the thread. That is, comes up as imap.example.com, untrusted etcetera.

How to make new accurate certs for postfix-dovecot?

Thanks in advance


All times are GMT +2. The time now is 07:30.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.