1
0
mirror of https://github.com/moparisthebest/davmail synced 2024-12-13 11:12:22 -05:00

Doc: document custom certificate authority handling

git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@1661 3d1905a2-6b24-0410-a738-b14d5a86fcbd
This commit is contained in:
mguessan 2011-04-11 10:19:31 +00:00
parent 48f2f5196a
commit e6fbb8fe13

View File

@ -51,6 +51,17 @@ davmail.ssl.keystorePass=password]]></source>
</subsection> </subsection>
<subsection name="DavMail to Exchange"> <subsection name="DavMail to Exchange">
<p>
<strong>Custom certificate authority</strong>
</p>
<p>Most users rely on the interactive accept certificate dialog to handle non public certificate authorities.
However, this will not work with an Exchange server cluster with a different certificate on each server.
In this case, you need to update global Java truststore with the custom certificate authority:
</p>
<source>keytool -import -alias root -keystore /path/to/jre/lib/security/cacerts -trustcacerts -file rootca.crt -storepass changeit -noprompt</source>
<p>
<strong>Client certificate</strong>
</p>
<p>In most cases, using https in OWA url is enough to secure communication between DavMail and Exchange. <p>In most cases, using https in OWA url is enough to secure communication between DavMail and Exchange.
However, with Exchange servers setup to require mutual authentication, you will have to register However, with Exchange servers setup to require mutual authentication, you will have to register
your client certificate in DavMail settings, either through PKCS11 (smartcard) or file certificate. your client certificate in DavMail settings, either through PKCS11 (smartcard) or file certificate.