Tiger Mountain Technologies

Technical support bbs for Tiger Mountain Technologies and LewisCounty.com
http://bbs.lewiscounty.com/phpBB3/

Updating SSL cert on mail server

http://bbs.lewiscounty.com/phpBB3/viewtopic.php?f=1&t=22

Page 1 of 1

Updating SSL cert on mail server

PostPosted: Wed Jul 21, 2004 12:03 am
by forhire
Our self signed cert on the mail server has expired. We purchased a new cert tonight and are awaiting final approval. We should have it installed in a day or two.

PostPosted: Wed Jul 21, 2004 7:11 pm
by forhire
The new cert has been installed on the webmail side of the server. You can now use ssl to encrypt your webmail browsing. Very cool for those of you that travel and use untrusted networks.

We will also be installing the certificate on the pop3 daemon later tonight for ssl encrypted pop3 mail on port 995. I will post an update when completed.

PostPosted: Thu Jul 22, 2004 1:12 am
by forhire
The new ssl cert has been installed on the pop3 daemon on port 995. You can now configure your mail programs to login using ssl. In Outlook Express you'll find the option under the Advanced tab of your Account properties. :lol:

A couple of notes for others who may want to do the same with uw-imap. You need to decrypt your key if you used a password and if your CA is chained you'll need to cat it to the end of your ipop3d.pem file like:

openssl rsa -in mail.key -out mail.key.unencrypted
cat mail.key.unencrypted > ipop3d.pem
cat mail.cer >> ipop3d.pem
cat sf_issuing.crt >> ipop3d.pem
/etc/init.d/xinetd restart

Test your setup:
openssl s_client -connect mail.lewiscounty.com:995
All times are UTC - 8 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/