Hi guy
> * Anyone had success or similar issues with certificates?
I only do SMTP but I do have SSL certificates setup for my SMTP listener on
port 465
here is the relevant extract of my smtpserver.xml
```
<smtpserver enabled="true">
<jmxName>smtpserver-socketTLS</jmxName>
<bind>0.0.0.0:465</bind>
<connectionBacklog>200</connectionBacklog>
<tls socketTLS="true" startTLS="false">
<privateKey>file://conf/tls/tls.key</privateKey>
<certificates>file://conf/tls/tls.crt</certificates>
</tls>
<helloName autodetect="false">james.xn--gml-cma.com</helloName>
<connectiontimeout>360</connectiontimeout>
<connectionLimit>0</connectionLimit>
<connectionLimitPerIP>0</connectionLimitPerIP>
<!--
Authorize only local users
-->
<authRequired>true</authRequired>
<auth>
<announce>forUnauthorizedAddresses</announce>
<requireSSL>true</requireSSL>
<plainAuthEnabled>true</plainAuthEnabled>
</auth>
<authorizedAddresses>127.0.0.0/8</authorizedAddresses>
<!-- Trust authenticated users -->
<verifyIdentity>false</verifyIdentity>
<proxyRequired>false</proxyRequired>
<maxmessagesize>0</maxmessagesize>
<addressBracketsEnforcement>true</addressBracketsEnforcement>
<smtpGreeting>James SMTP awesome Server</smtpGreeting>
<handlerchain>
<handler
class="org.apache.james.smtpserver.fastfail.ValidRcptHandler"/>
<handler
class="org.apache.james.smtpserver.CoreCmdHandlerLoader"/>
<handler
class="org.apache.james.crowdsec.CrowdsecSMTPConnectHandler"/>
</handlerchain>
</smtpserver>
```
I use letsencrypt to generate the certificate so it has a proper
certificate authority for free :D
it is very hard to answer the other questions without more relvant context.
> * Can anyone suggest on where and how to configure the mail server
address in James?
I'm not sure what you mean by "mail server address" ... do you mean where
to configure the domains which the server is expected to handle mail for ?
if so it depends on which variant of the server you are using, could be in
domain list could be configure through api calls and stored in a database.
Which setup are you running ?
> * Are self-signed certificates okay?
I guess but not sure how clients are going to react, at best you would get
a warning at worst it could simply refuse to work.
> * Anyone know how to submit certificates to certificate authority?
I strongly suggest using letsencrypt
Jean
On Wed, Nov 20, 2024 at 7:48 PM <guy.tremb...@welnx.com> wrote:
> Hi all,
>
>
>
> I struggle with mail certificates with James, and general setup. I use
> Apache on Windows.
>
>
>
> I made self signed certificates using keytool:
>
> keytool -genkey -alias xyz -keyalg RSA -keystore conf/keystore
>
>
>
> I setup ports 993 for incoming and 465 for outgoing with login and
> configured in the imapserver and smtpserver configuration files.
>
>
>
> I can receive or send emails on outlook in Windows. I can receive and send
> emails on Outlook on iPhone but I don't receive new mail notifications.
>
> When I setup the email on my iphone with Mail or Gmail I struggle to
> configure the accounts; only works on iPhone in Outlook. I managed to make
> it working with Mail but somehow stopped working at some point.
>
>
>
> I am not sure if the self signed certificate is the issue or the James
> configuration, or else. Perhaps I should submit a certificate to the
> certificate authority, but I have failed so far it is quite complicated.
>
>
>
> * Can anyone suggest on where and how to configure the mail server
> address in James?
>
> * I configured in domainlist.xml but unsure if setup correctly
>
> * Anyone had success or similar issues with certificates?
>
> * Are self-signed certificates okay?
>
> * Anyone know how to submit certificates to certificate authority?
>
>
>
> I followed this for the most part:
>
> https://james.apache.org/server/config-ssl-tls.html
>
>
>
> Kind regards, Cordialement,
>
> Guy
>
>
>
>
