Doc: ssl setup doc update from kerstkonijn

git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@1546 3d1905a2-6b24-0410-a738-b14d5a86fcbd
2010-11-18 21:36:33 +00:00 · 2010-11-18 21:36:33 +00:00 · 9854dfcf9d
parent 7bab6a0a66
commit 9854dfcf9d
1 changed files with 9 additions and 2 deletions
--- a/src/site/xdoc/sslsetup.xml
+++ b/src/site/xdoc/sslsetup.xml
@ -24,7 +24,14 @@
                    pkcs12 -validity 3650 -dname cn=davmailhostname.company.com,ou=davmail,o=sf,o=net
                </source>

-                <p>Note to iPhone users: iOS does not support the default DSA algorithm, make sure you use an RSA key pair</p>
+                <p>Note to iPhone users: iOS does not support the default DSA algorithm, make sure you use an RSA key
+                    pair
+                </p>
+
+                <p>If you have an official certificate in PEM form, convert it to PKCS12 with the following command:</p>
+                <source>openssl pkcs12 -export -in cert-davmail.pem -inkey privatekey-davmail.key -certfile
+                    chain-davmail.pem -out davmail.p12
+                </source>

                <p>Then add this keystore to DavMail settings:
                </p>
@ -35,7 +42,7 @@ davmail.ssl.keystoreFile=davmail.p12
 davmail.ssl.keystorePass=password]]></source>
                <p>If your already have your keystore in JKS format, just set keystoreType to JKS in DavMail
                    settings. keystorePass is the password used to open the KeyStore, keyPass protects the private key
-                    inside the KeyStore. 
+                    inside the KeyStore. With PKCS12, keyPass and keystorePass are often identical.
                </p>
                <p>Restart DavMail, all DavMail listeners will switch to secure mode: POP3S/IMAPS/SMTPS/HTTPS/LDAPS.
                    You will also need to enable SSL in client applications and manually accept the certificate as it's