On Sunday, 10 August 2014, 5:06, Mark Constable <[email protected]> wrote:
> Perhaps an example will help. I concatenate PEM variations (which my
> cert authority provides) of the key, the crt and the chained CA file to
> /etc/ssl/server.pem then symlink the /etc/courier/{esmtpd,imapd,pop3d}.pem
> required files to the single one in /etc/ssl, which looks like...
>
> -----BEGIN PRIVATE KEY-----
> [... private key...]
> -----END PRIVATE KEY-----
>
> -----BEGIN CERTIFICATE-----
> [... cert from CA ...]
> -----END CERTIFICATE-----
>
> -----BEGIN CERTIFICATE-----
> [... chained CA ...]
> -----END CERTIFICATE-----
Thanks for that. This is non standard when compared with something like
enabling SSL in apache, or at least for the way that I do that, where you have
to supply the path to the private key which is always, in my experience, a
separate file to the public cert.
I like the neatness of the courier approach, however the install doc could do
with a little comment to define the syntax / spec, say a small standalone
section on cert formats.
Just some further feedback from a first time installer of courier, it would
have been helpful if the install document had pointed out the glaringly obvious
fact that I needed to shutdown any existing smtp services on the host before
starting courier for the first time. It was a forehead thumper for sure, which
I worked out with the help of the list archives, but a simple one liner
reminder to disable this would have been useful!!
Thanks for such a wonderful project, it has been a dream to work with so far.
Charles.------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
