[CentOS] Self signed certs, openssl dovecot
Ned Slider
ned at unixmail.co.uk
Fri Jul 24 22:33:29 UTC 2009
Bob Hoffman wrote:
>
>> Did you try any of the advice you received when you asked a month ago?
>>
>> http://lists.centos.org/pipermail/centos/2009-June/078273.html
>>
>
> That was for the error with outlook, this is more about how to add that
> middle chain with dovecot to avoid the issue.
> None of those others will work with outlook. Importing a cert will do
> nothing to avoid a constant error everytime you open up the mail client.
> Only a trusted CA will work it seems.
> Dovecot setup uses two pem files and that is what the books say, but to not
> get the trusted chain error there has to be that third file of 'some kind'
> 'some where' relating to 'some thing'
>
> If you have an answer, link to it, because I can show you no answer at all
> to prevent ssl chain warnings when accessing self signed certs via dovecot
> and mail clients...even if adding to the trusted folders client side.
>
You need to become your own root CA, and sign your server certs with
that root CA cert. Then import the root CA into Outlook as a trusted
authority.
Step by step guides...
http://www.g-loaded.eu/2005/11/10/be-your-own-ca/
http://www.globalsign.com/support/personal-certificate/per_outlook07.html
but all this was explained a month ago in your original thread right here:
http://lists.centos.org/pipermail/centos/2009-June/078275.html
More information about the CentOS
mailing list