Dutch

Installing a certificate for Dovecot IMAP Server

Step 1. Check the certificate
Networking4all will send your Certificate by e-mail. You will also require an intermediate certificate.

Each certificate will look something like the following:
      -----BEGIN CERTIFICATE-----
      JIEBSDSCEXoCHQEwLQMJSoZILvoNVQECSQAwcSETMRkOAMUTBhMuVrM
      mIoAnBdNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMRwwGgYDVQ
      QLExNQZXJzb25hIENlcnRpZmljYXRlMSQwIgYDVQQDExtPcGVuIE1hc
      mtldCBUZXN0IFNlcnZlciAxMTAwHhcNOTUwNzE5MjAyNzMwWhcNOTYw
      NTE0MjAyOTEwWjBzMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXUlNBIER
      hdGEgU2VjdXJpdHksIEluYy4xHDAaBgNVBAsTE1BlcnNvbmEgQ2VydG
      lmaWNhdGUxJDAiBgNVBAMTG09wZW4gTWFya2V0IFRlc3QgU2VydmVyI
      DExMDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDU/7lrgR6vkVNX40BA
      q1poGdSmGkD1iN3sEPfSTGxNJXY58XH3JoZ4nrF7mIfvpghNi1taYim
      vhbBPNqYe4yLPAgMBAAEwDQYJKoZIhvcNAQECBQADQQBqyCpws9EaAj
      KKAefuNP+z+8NY8khckgyHN2LLpfhv+iP8m+bF66HNDUlFz8ZrVOu3W
      QapgLPV90kIskNKXX3a
      -----END CERTIFICATE-----

Step 2. Copy the server certificate
Copy the entire content including the lines from the beginning and the end of the certificate into a text editor such as Notepad (do not use Word or another word processor) Make sure that the certificate appears as formatted above. In other words, make sure that the lines aforementioned are included.

Step 3. Save the server certificate
Save the certificate as a text file with a .crt file extension to your OpenSSL certs directory, usually /usr/local/ssl/certs but this may vary depending on your particular configuration.

- Install the Intermediate Certificate
You will need to install the intermediate certificate ipsCACLASEA1.crt so that browsers can trust your certificate.
1.Copy the server certificate, including the lines from the beginning and the end of the certificate into a text editor such as Notepad (do not use Word or another word processor) Make sure that the certificate appears as formatted above. In other words, make sure that the lines aforementioned are included.
2.Save the server certificate as a text file with a .crt file extension to your OpenSSL certs directory, usually /usr/local/ssl/certs but this may vary depending on your particular configuration.

-  Configure Dovecot POP/IMAP
In the Virtual Host settings for your site, in the dovecot.conf file, you will need to add the following SSL directives.This may be achieved by: Dovecot config file is /etc/dovecot/dovecot.conf

Relevant settings:

protocols = pop3s imaps 
#debian etch ssl paths
ssl_cert_file = /etc/ssl/certs/mail.yourserver.com.crt
ssl_key_file = /etc/ssl/private/mail.yourserver.com.key
ssl_ca_file = /etc/ssl/certs/IPSCACLASEA1.crt

Save your dovecot.conf file and restart.

Thawte.nl is owned by Networking4all B.V.. The website is created by a collaboration with thawte Inc.. Apart from the strategic agreements that thawte Inc. and Networking4all B.V. have concluded, the organizations act independently. All prices are in euros and exclude VAT.