[imp] SSL missing

Alan Barnes abarnes at bulletmail.net
Mon Dec 15 09:24:12 PST 2003 

Jari,

Sounds like you are in the right track. I also run SSL on my mail server.
Here is a document on how to generate the SSL certs that you will need for
imp to connect. Please let me know if this helps. 

Regards,

Alan

-----Original Message-----
From: imp-bounces at lists.horde.org [mailto:imp-bounces at lists.horde.org] On
Behalf Of Kallonen, Jari
Sent: Monday, December 15, 2003 3:02 AM
To: 'imp at lists.horde.org'
Subject: [imp] SSL missing

Thanks Dave that document was indeed helpfull. How ever I'm missing OpenSSL
and thats why when I'm trying to install IMAP (make slx) it fails. Did you
(anybody) use SSL , and which version should be used??? I could always
install IMAP with make slx SSLTYPE=none but is the system safe if I do it
without SSL????

Regards
Jari

-- 
IMP mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: imp-unsubscribe at lists.horde.org
-------------- next part --------------
run in order in the tmp directory 

1.  openssl genrsa -des3 -out <server_name>.key 1024 
//You will be prompted to enter a password 
//over the next two you will be asked to enter all kinds of info.   
//view certificate before you do this and youll see how I did it. 

2.  openssl req -new -key <server_name>.key -out <server_name>.csr 

3.  openssl req -new -key <server_name>.key -x509 -days 365 -out <server_name>.crt 


cp /tmp/<server_name>.key /etc/httpd/conf/ssl.key 
cp /tmp/<server_name>.crt /etc/httpd/conf/ssl.crt 
cp /tmp/<server_name>.csr /etc/httpd/conf/ssl.csr 

vi /etc/httpd/conf/httpd.conf 
change lines 
#SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt 
SSLCertificateFile /etc/httpd/conf/ssl.crt/<server_name>.crt 

#SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key 
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/<server_name>.key 


service httpd restart 
-->enter password that you entered when creating <server_name>.key 

Whala.  go to the website and youll be able to see your new key. You will be prompted with a warning telling you that this server is not in your list of trusted hosts. Install the certificate and close your browser. When you reopen it, you will be prompted with nothing. The cert is good for one year.

More information about the imp mailing list