[
https://issues.apache.org/jira/browse/JAMES-3640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17406402#comment-17406402
]
Benoit Tellier commented on JAMES-3640:
---------------------------------------
Regarding a programatic way of generating the keys (allowing all dockers to by
default generate their own SSL keys, and thus enable start without any
configuration, for all servers in a safe way), Hakan Altındağ (Hakky54 on
github) recommended me to use https://github.com/tersesystems/securitybuilder
(reference to the discussions on a tier project:
https://github.com/Hakky54/sslcontext-kickstart/issues/115#issuecomment-907784230)
> Have a configuration parameter to automatically generate self-signed key
> materials
> ----------------------------------------------------------------------------------
>
> Key: JAMES-3640
> URL: https://issues.apache.org/jira/browse/JAMES-3640
> Project: James Server
> Issue Type: Improvement
> Components: IMAPServer, POP3Server, SMTPServer
> Reporter: Benoit Tellier
> Priority: Major
>
> Follow up of
> https://www.mail-archive.com/[email protected]/msg70783.html
> For security concerns, we should remove all
> cryptographic keys from default configuration, including demo images.
> We could then have auto-generation
> configuration option to ensure both convenient and secure set-up for
> demo image - we likely should consider implementing this too.
> That way one would not need to choose between safety and (demo) conveniance.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
