Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Howto Update Qmail, Dovecot Certs for Outlook Express
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
newtonian
Guru
Guru


Joined: 19 Jan 2005
Posts: 465
Location: Hokkaido Japan
PostPosted: Fri Feb 13, 2009 2:50 pm    Post subject: Howto Update Qmail, Dovecot Certs for Outlook Express Reply with quote
This is basically an update of this howto

https://forums.gentoo.org/viewtopic-t-428500-start-0-postdays-0-postorder-asc-highlight-outlook+qmail.html

Courier-Imap no longer supports qmail, so it's time to move on to dovecot.
This howto shows how to create new certs and .der files to be used with Outlook Express clients.

Qmail SMTP Certificate and .der Generation

Configure your server cert, be sure to set the cn to your servername ie. mymachine.domain.tld
Code:
vim /var/qmail/control/servercert.cnf


change the life of the cert to 10 years if you'd rather not do this again next year
Code:
vim /var/qmail/bin/mkservercert


Code:
# expire on certifcate
days="3650"


get rid of the old servercert.pem and run mkservercert

Code:
cd /var/qmail/control/
mv servercert.pem servercert.old.pem
rm clientcert.pem
/var/qmail/bin/mkservercert


generate the qmail smtp .der file
Code:
openssl x509 -in servercert.pem -outform DER -out certificate-for-outlook-smtp.der


Now let's do the same for the Dovecot POP3/IMAP certficate

Code:

cd /etc/ssl/dovecot
openssl req -new -x509 -nodes -out server.pem -keyout server.key -days 3650


create the IMAP/POP3 .der file for outlook
Code:
openssl x509 -in server.pem -outform DER -out certificate-for-outlook-pop3-and-imap.der


make your .der files accessable to your Outlook Express clients
Code:
mkdir /var/www/localhost/mail-certs/
cp /var/qmail/control/certificate-for-outlook-smtp.der /var/www/localhost/mail-certs/
cp /etc/ssl/dovecot/certificate-for-outlook-pop3-and-imap.der /var/www/localhost/mail-certs/
echo "<html><p><a href=\"./certificate-for-outlook-smtp.der\">outlook smtp cert</a></p>" > index.html
echo "<p><a href=\"./certificate-for-outlook-pop3-and-imap.der\">outlook pop3 imap cert</a></p></html>" >> index.html


restart your processes
Code:
/etc/init.d/svscan restart
/etc/init.d/dovecot restart


Have your Outlook clients open the newly created page and click the links.
If they are using ie6 or ie7 they will be prompted to install the certs.
Code:
http://myserver.com/mail-certs/


Cheers,
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy