1
0
mirror of https://github.com/moparisthebest/davmail synced 2024-12-14 11:42:23 -05:00

Doc: ssl setup doc update from kerstkonijn

git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@1546 3d1905a2-6b24-0410-a738-b14d5a86fcbd
This commit is contained in:
mguessan 2010-11-18 21:36:33 +00:00
parent 7bab6a0a66
commit 9854dfcf9d

View File

@ -24,7 +24,14 @@
pkcs12 -validity 3650 -dname cn=davmailhostname.company.com,ou=davmail,o=sf,o=net pkcs12 -validity 3650 -dname cn=davmailhostname.company.com,ou=davmail,o=sf,o=net
</source> </source>
<p>Note to iPhone users: iOS does not support the default DSA algorithm, make sure you use an RSA key pair</p> <p>Note to iPhone users: iOS does not support the default DSA algorithm, make sure you use an RSA key
pair
</p>
<p>If you have an official certificate in PEM form, convert it to PKCS12 with the following command:</p>
<source>openssl pkcs12 -export -in cert-davmail.pem -inkey privatekey-davmail.key -certfile
chain-davmail.pem -out davmail.p12
</source>
<p>Then add this keystore to DavMail settings: <p>Then add this keystore to DavMail settings:
</p> </p>
@ -35,7 +42,7 @@ davmail.ssl.keystoreFile=davmail.p12
davmail.ssl.keystorePass=password]]></source> davmail.ssl.keystorePass=password]]></source>
<p>If your already have your keystore in JKS format, just set keystoreType to JKS in DavMail <p>If your already have your keystore in JKS format, just set keystoreType to JKS in DavMail
settings. keystorePass is the password used to open the KeyStore, keyPass protects the private key settings. keystorePass is the password used to open the KeyStore, keyPass protects the private key
inside the KeyStore. inside the KeyStore. With PKCS12, keyPass and keystorePass are often identical.
</p> </p>
<p>Restart DavMail, all DavMail listeners will switch to secure mode: POP3S/IMAPS/SMTPS/HTTPS/LDAPS. <p>Restart DavMail, all DavMail listeners will switch to secure mode: POP3S/IMAPS/SMTPS/HTTPS/LDAPS.
You will also need to enable SSL in client applications and manually accept the certificate as it's You will also need to enable SSL in client applications and manually accept the certificate as it's