Enabling Secure IMAP and POP3 with Dovecot

  1. Obtain a certificate, using the server name for the Common Name (CN). This name should correspond to what the clients (Outlook, Mozilla, etc.) are using as their POP3 or IMAP server setting.

    Upon completion you will have a private-key file (host.key) and public-key (certificate) file (host.cert). Rename the files as needed, or adjust the values in the next step.

  2. Move the certificate and private key to where Dovecot expects to find them. The exact location may vary depending on your operating system. Create the parent directories if necessary.
    # host.cert and host.key are the files obtained in step 1
    mv host.cert /etc/ssl/certs/imapd.crt
    mv host.key /etc/ssl/private/imapd.key
    # the private key must be readable by root only
    chown root /etc/ssl/private/imapd.key
    chmod 600 /etc/ssl/private/imapd.key
    

  3. Make the following adjustments to dovecot.conf:
    protocols = imaps pop3s
    ssl_disable = no
    ssl_cert_file = /etc/ssl/certs/imapd.crt
    ssl_key_file = /etc/ssl/private/imapd.key
    

  4. For certificate trust to work correctly, you may need to load the signing certificate (also known as the CA certificate) onto each client. You may download the Credentia CA certificate from here. Other CA certificates (VeriSign, Thawte, Geotrust, etc.) are typically already inside the certificate store.

  5. Configure each email client to use SSL for IMAP (port 993) or POP3 (port 995).
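
A check to run after steps 2 and 3, added here as an example (it is not part of the original guide or of Dovecot): it reads dovecot.conf and reports any plaintext listener, a wrong `ssl_disable` value, a missing certificate or key, or a key readable by group or other. The function names `conf_get` and `audit_dovecot_ssl` are made up for this example; the setting names are the ones shown in step 3.

```shell
#!/bin/sh
# Added example: audit the dovecot.conf settings from step 3 and the
# private-key permissions from step 2.
# Usage: audit_dovecot_ssl /path/to/dovecot.conf

# Print the value of "name = value" (last occurrence, comments stripped).
conf_get() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//' | tail -n 1
}

audit_dovecot_ssl() {
    conf=$1
    rc=0
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 2; }

    # Only the SSL-wrapped listeners (imaps, pop3s) should be enabled.
    protos=$(conf_get "$conf" protocols)
    [ -n "$protos" ] || { echo "FAIL: protocols is not set"; rc=1; }
    for p in $protos; do
        case $p in
            imaps|pop3s) ;;
            *) echo "FAIL: non-SSL protocol enabled: $p"; rc=1 ;;
        esac
    done

    [ "$(conf_get "$conf" ssl_disable)" = "no" ] ||
        { echo "FAIL: ssl_disable is not 'no'"; rc=1; }

    cert=$(conf_get "$conf" ssl_cert_file)
    key=$(conf_get "$conf" ssl_key_file)
    [ -f "$cert" ] || { echo "FAIL: certificate missing: $cert"; rc=1; }
    if [ -f "$key" ]; then
        # Characters 5-10 of the ls mode string are the group/other bits;
        # after chmod 600 they must all be '-'.
        perms=$(ls -ld "$key" | cut -c5-10)
        [ "$perms" = "------" ] ||
            { echo "FAIL: key accessible by group/other: $key"; rc=1; }
    else
        echo "FAIL: private key missing: $key"; rc=1
    fi

    if [ "$rc" -eq 0 ]; then echo "OK: $conf"; fi
    return "$rc"
}
```

The function returns 0 when every check passes, 1 when any check fails, and 2 when the configuration file cannot be read.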

See Also

Dovecot Homepage