This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
linux:emailserver:courier [2018/01/30 19:11] tkilla |
linux:emailserver:courier [2018/04/03 15:27] (current) tkilla |
||
---|---|---|---|
Line 24: | Line 24: | ||
mkdir msgs | mkdir msgs | ||
mkdir msgq | mkdir msgq | ||
- | chown daemon:daemon | + | chown courier:courier |
- | chown daemon:daemon | + | chown courier:courier |
| | ||
/ | / | ||
Line 46: | Line 46: | ||
===== config tricks ===== | ===== config tricks ===== | ||
+ | |||
+ | |||
+ | ===== SSL Certificates ===== | ||
+ | |||
+ | ...tricky! | ||
+ | |||
+ | All config files use these two variables, so I set them to the same cert files in all configs: | ||
+ | |||
+ | Private Key and Cert and intermediate-cert and root-cert(s) combined in one file. The order is unclear. I had the private key first for many years, but documentations speak about putting the cert first: | ||
+ | |||
+ | cat myserver.example.com.key myserver.example.com.crt [intermediate.crt] > myserver.example.com.pem | ||
+ | | ||
+ | |||
+ | TLS_CERTFILE=/ | ||
+ | |||
+ | This contains the intermidiate-certs - i use the ca-bundle provided by the vert dealer | ||
+ | This seems to be only used by eSMTP - IMAP and POP works without it | ||
+ | |||
+ | TLS_TRUSTCERTS=/ | ||
+ | |||
+ | |||
+ | Checks: | ||
+ | openssl s_client -starttls imap -connect myserver.example.com: | ||
+ | https:// | ||
+ | |||
+ | SMTP-Error after cert install: "no cipher suites found": | ||