Install SSL certificate on postfix and dovecot

Make key file

#openssl genrsa -des3 -out example.com.key 2048
Generating RSA private key, 1024 bit long modulus
…………..++++++
..++++++
e is 65537 (0x10001)
Enter pass phrase for example.com.key:
Verifying – Enter pass phrase for example.com.key:
# openssl req -new -key example.com.key -out example.com.csr
Enter pass phrase for example.com.key:
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
A challenge password []:
An optional company name []:

Get CRT (GeoTrust, verisign etc)

Remove pass phrase

#openssl rsa -in example.com.key -out example.com.pem

edit /etc/postfix/main.cf

smtpd_use_tls = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_key_file = /etc/pki/tls/certs/example.com.pem
smtpd_tls_cert_file = /etc/pki/tls/certs/example.com.crt

edit /etc/dovecot.conf

ssl_disable = no
ssl_cert_file = /etc/pki/tls/certs/example.com.crt
ssl_key_file = /etc/pki/tls/certs/example.com.pem

restart postfix and dovecot

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.