Kategorie: DirectAdmin

Installing SSL Certificate for the mail server DirectAdmin

The article described below is a full description of the installation ssl certificate for the mail server.
Description has been prepared for the server panel DirectAdmin.

Assume that each of us has already generated certificate and have 3 files.
certyfikat.crt
klucz.key
certyfikatpośredni.crt

Each publisher certificate should provide just such files, they are necessary to install certificates for both Web and mail server.

edit the necessary files /etc/exim.key:

nano /etc/exim.cert

and we paste there our certificate which podejżymy file certyfikat.crt that we got from the publisher.

Edit your /etc/exim.key

nano /etc/exim.key

and there analogous paste the private key file that podejrzymy klucz.key from the publisher.

Another file is a file /etc/exim.cacert
perhaps it is not so it will create.

nano /etc/exim.cacert

Important note here.

The file should contain pasted at the beginning of the certificate then the intermediate CA certificates.

when all carefully glue we give permission to this file.

chown mail.mail /etc/exim.cacert

The next step is to edit the configuration file exim.conf

nano /etc/exim.conf

we find:

tls_certificate =

and set the whole in the following manner:

#EDIT#23:
tls_certificate = /etc/exim.certs
tls_privatekey = /etc/exim.key
openssl_options = +no_sslv2 +no_sslv3
tls_require_ciphers = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

We already have almost everything.
We move all the settings to relevant files:

cat /etc/exim.cert>/etc/exim.certs
cat /etc/exim.cacert>>/etc/exim.certs
chown mail.mail /etc/exim.certs

The last step is to edit the configuration files dovecot

nano /etc/dovecot/conf/ssl.conf

The file should look like this:

ssl_cert = /exim.cert
ssl_key = /exim.key
ssl_ca = /exim.cacert

ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

Left us a service restart.

service exim restart
service dovecot restart

That's it 😉

In the settings of the mail client as a server incoming and outgoing mail not only give mail.domena.pl domena.pl
SSL encryption
As a normal password authentication.

Related entries:

  • Forcing the character encoding on the server with Litespeed and DirectAdmin
  • Default RoundCube language
  • DirectAdmin two versions of PHP
  • OpenLiteSpeed ​​installation on a server with DirectAdmin
  • Calendar added to Roundcube and Elastic template

    • Linux

    Zostaw komentarz
    Udostępnij
    Opublikowane przez
    Linux
    Tagi: CertificateDirectadminInstallationpost officeSSL
    7 years temu

    Recent posts

    KeePass2 2.52 w Ubuntu 22.04

    The guide below describes how to install KeePass on Ubuntu. Całość wykonamy za pomocą kilku poleceń

    2 years temu

    Installing Master PDF editor in Ubuntu 22.04

    Master PDF Editor is a comprehensive PDF program, which includes many features. Oprócz tworzenia i edycji

    2 years temu

    iotop - memory monitoring

    Iotop jest prostym narzędziem dla systemów Uniksowych umożliwiającym monitorowanie użycia dowolnego nośnika pamięci flash/hdd/ssd w

    2 years temu

    Run multiple commands in one cron job

    You can separate two or more commands with semicolons (;), Semicolon (;): służy do oddzielania

    2 years temu

    Changing the exif data of a photo in the Linux terminal

    Poniższy poradnik opisuje w jaki sposób za pomocą konsoli możemy dokonać edycji danych zdjęcia exif.

    2 years temu

    Installing Rocket.Chat Server on Rocky Linux 8

    The following guide describes how to install Rocket.Chat on Rocky Linux 8 Całość bardzo prosto zainstalujemy

    2 years temu