MySQL, Java, JSP, Servlet, Tomcat and Jboss Web Hosting Blog

Chapter 25 . Running a Mail Server 689 3. If you are going to be using a certificate from a CA that is not already recognized (this is generally only true if you are running your own CA), place the CA public certificate in its own file in /etc/ssl/certs/ and update the certificate database: # update-ca-certificates 4. Generate the private key and certificate signing request, as described in Chapter 24. The best location for these files is in /etc/ssl/private/. Here s an example: # cd /etc/exim4 # openssl genrsa -out mail.key 1024 # chmod 640 mail.key # openssl req -new -key mail.key -out mail.csr # chown root:Debian-exim mail.key 5. Get your CSR (Certificate Signing Request) signed and place the certificate in /etc/mail/private/mail.crt. Or, to do a self-signed certificate, do the following: # cd /etc/exim4 # openssl req -new -x509 -nodes -sha1 -days 365 -key mail.key -out mail.crt # chmod 640 mail.crt # chown root:Debian-exim mail.crt Some remote servers will refuse to send messages to your server if your certificate is not signed by a CA that they recognize. Also, make sure the common name (cn) attribute on your certificate matches the name of the server in DNS. 6. Concatenate the private key and certificate into a single file for Courier: # cd /etc/courier # cat /etc/exim4/mail.key /etc/exim4/mail.crt > mail.pem # chmod 600 mail.pem 7. Enable SSL/TLS in the Courier IMAP and POP daemons by editing both /etc/courier/imapd-ssl and /etc/courier/pop3d-ssl and replacing the values for TLS_CERTFILE and TLS_TRUSTCERTS with the following: TLS_CERTFILE=/etc/courier/mail.pem TLS_TRUSTCERTS=/etc/ssl/certs/ca-certificates.pem 8. Tell Exim where it can find the private key and certificate, and enable TLS. Create a file named /etc/exim4/conf.d/main/12_exim4- config_local_tlsoptions containing the following: MAIN_TLS_CERTIFICATE = CONFDIR/mail.crt MAIN_TLS_PRIVATEKEY = CONFDIR/mail.key MAIN_TLS_ENABLE = 1 Caution
We recommend high quality webhost to host and run your jsp application: christian web host services.

This entry was posted on Saturday, September 15th, 2007 at 12:58 am and is filed under PHP5. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.