Email FreeBSD Uncategorized

SSL Certificate Installation for Courier IMAP and POP

This guide will provide you information on how to setup and configure SSL certificates for the courier IMAP mail server.

 

Prior to the installation you will need to purchase an SSL certificate from your domain registrar. In this example, the SSL was purchased from DomainPal. You will need the following from:
  • Private Key File (Generated on the server for the CSR creation)
  • Certificate File (Provided by Domain Pal)
  • Intermediate Certificate (Provided by Domain Pal)

 

This installation is done on a FreeBSD server and the directory path may differ on your server.

Follow the steps below to configure both IMAP and POP SSL certificates on your server:

 

IMAP SSL Installation
  • Locate your current imapd-ssl configuration file:
    • cd /usr/local/etc/courier-imap
  • Edit your imapd-ssl configuration file and specify the path of your new ssl (Use your favorite text editor, in my case I have used vi):
    • TLS_CERTFILE=/usr/local/share/courier-imap/[domain].pem

  • Create your pem file:
    • touch /usr/local/share/courier-imap/[domain].pem
  • Add the proper files to your .pem flle in the order provided below:
    • —–BEGIN RSA PRIVATE KEY—–
    • This is the private key that has used to generate the CSR for your SSL certificate
    • —–END RSA PRIVATE KEY—–
    • —–BEGIN CERTIFICATE—–
    • This is the certificate provided to you by your registrar
    • —–END CERTIFICATE—–
    • —–BEGIN CERTIFICATE—–
    • This is the intermediate certificate provided to you by your registrar
    • —–END CERTIFICATE—–
  • Restart imapd-ssl service
    • /usr/local/etc/rc.d/courier-imap-imapd-ssl restart
POP3 SSL Installation
    • Locate your current pop3d-ssl configuration file:
      • cd /usr/local/etc/courier-imap
    • Edit your pop3d-ssl configuration file and specify the path of your new ssl (Use your favorite text editor, in my case I have used vi):
      • TLS_CERTFILE=/usr/local/share/courier-imap/[domain].pem

    • Create your pem file:
      • touch /usr/local/share/courier-imap/[domain].pem
    • Add the proper files to your .pem flle in the order provided below:
      • —–BEGIN RSA PRIVATE KEY—–
      • This is the private key that has used to generate the CSR for your SSL certificate
      • —–END RSA PRIVATE KEY—–
      • —–BEGIN CERTIFICATE—–
      • This is the certificate provided to you by your registrar
      • —–END CERTIFICATE—–
      • —–BEGIN CERTIFICATE—–
      • This is the intermediate certificate provided to you by your registrar
      • —–END CERTIFICATE—–
  • Restart imapd-ssl service
    • /usr/local/etc/rc.d/courier-imap-pop3d-ssl restart
Test Installation

Once the installation has been completed you can use the following to test:

  • Test IMAP over SSL
    • openssl s_client -showcerts -connect [domain]:993

    • example: openssl s_client -showcerts -connect example.com:993
  • Test POP3 over SSL
    • openssl s_client -showcerts -connect [domain]:995

    • example: openssl s_client -showcerts -connect example.com:995

 

 

 

Related Articles

  • Extract Tar Files to a Different Directory

    Syntax Typical Unix tar syntax: tar -xf file.name.tar -C /path/to/directory GNU/tar syntax: tar xf file.tar -C /path/to/directory tar xf file.tar --directory /path/to/directory Example: Extract files to another directory In this...
  • What is a forward?

    Forward   It forwards email messages sent to a local e-mail address to another one. You can use forwards to forward mail to another server. To create a forward you...
  • How to List Compiled PHP Modules from the Command Line

    The general command is php -m; this command will give you the full list of extensions: php -m This command will give you an output like: bz2 calendar Core ctype...
  • Set Up Email for Thunderbird

    This article will explain the steps on how you should properly install your email through Thunderbird. Question: Why would you want me to install the mailing system, Thunderbird. Answer: Thunderbird...