How do I configure my firewall home : internet : mail : toaster : FAQ : can I use a signed SSL certificate migrate to new server

As of two minutes ago I now run with a signed certificates on my mail server. (previously I use self-signed certs). Check out any of the email services on (https, pop3s, imaps, ssl-tls) and you'll find them to all be secured using a real valid SSL cert.

Installing the signed certificate consisted of:

  • cat /path/to/ssl/cert.key > /var/qmail/control/servercert.pem
  • cat /path/to/ssl/cert.crt >> /var/qmail/control/servercert.pem
  • cat /path/to/ssl/intermediary_cert.crt >> /var/qmail/control/servercert.pem
  • ;
  • cp /var/qmail/control/servercert.pem /var/qmail/control/clientcert.pem
  • chown vpopmail:vchkpw /var/qmail/control/servercert.pem
  • chown qmaild /var/qmail/control/clientcert
  • chmod 400 /var/qmail/control/servercert.pem /var/qmail/control/clientcert
  • qmail restart
  • ;
  • cp /var/qmail/control/servercert.pem /usr/local/share/courier-imap/imapd.pem
  • cp /var/qmail/control/servercert.pem /usr/local/share/courier-imap/pop3d.pem
  • imapssl stop
  • imapssl start
  • pop3ssl stop
  • pop3ssl start

That's all I had to do.... other than reconfigure my email client to connect on the hostname that my "real" cert uses, and it works like a charm.

Last modified on 6/3/05.