On 10/08/14 01:54, Sam Varshavchik wrote:
> Charles Parkinson writes:
>
>> Nowhere in the guide does it say where to install the private key for
>> the imap / smtp services, nor can I see it in the configuration files
>> referenced. Without the private key, how will any of these services
>> decrypt messages encrypted with the key contained in the public
>> key certificate?
>
> It's the same file. The PEM formats allows you to concatenate all
> the pieces in one file. The certificate file contains both the private
> key, and the certificate, in the PEM format
Ok, so that makes sense except for the fact that a CSR sent to a commercial CA
should never contain the private key, so the resulting PEM encoded cert
received in return will not contain the concatenated key pair.
is that an exercise for the courier-mta admin to take the DER encoded private
key, concatenate it with the DER encoded public key cert received from the ca,
and PEM encode it? or do we pem encode the private DER and concat it with the
pem encoding received from the CA? and in either case, what is the syntax that
Courier-mta expects inside that pem file to id the private key? should it be a
block of pem which decodes with headers, or headers delimiting the pem blocks?
Charles.
------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
