Knowledge base
Configuring an Email Server's SSL Certificate
If you want to use your SSL certificate for mail, configure to the following settings.
ISPmanager
In the ISPmanager control panel, go to "Domains" -> "Mail Domains" and click "SSL certificate" on the toolbar.
Replace the key values with your certificate keys and press OK.
CentOS
Exim Mail Server
Copy the SSL certificate file and the file with the key in /etc/exim/ssl/ . Enable access privileges for these files:
chmod 444 /etc/exim/ssl/mydomain.ru.crt chmod 400 /etc/exim/ssl/mydomain.ru.key
Where mydomain.ru.crt is the certificate name and mydomain.ru.key is the name of the file with the key.
Open the exim.conf file for editing:
vi /etc/exim/exim.conf
Make the following edit:
# TLS/SSL tls_advertise_hosts = * tls_certificate = /etc/exim/ssl/mydomain.ru.crt tls_privatekey = /etc/exim/ssl/mydomain.ru.key daemon_smtp_ports = 25 : 465 : 587 tls_on_connect_ports = 365
Restart the mail server using the command:
service exim restart
Dovecot Mail Server
Copy the SSL certificate file in /etc/pki/dovecot/certs/ and the file with the key in /etc/pki/dovecot/private/. Enable access privileges for these files:
chmod 600 /etc/pki/dovecot/certs/mydomain.ru.crt chmod 600 /etc/pki/dovecot/private/mydomain.ru.key
Where mydomain.ru.crt is the certificate name and mydomain.ru.key is the name of the file with the key.
Open the 10-ssl.conf file for editing:
vi /etc/dovecot/conf.d/10-ssl.conf
Make the following edit:
ssl = yes ssl_cert = </etc/pki/dovecot/certs/mydomain.ru.crt ssl_key = </etc/pki/dovecot/private/mydomain.ru.key
Restart the mail server using the command:
service dovecot restart
Debian
Exim Mail Server
Copy the SSL certificate file and the file with the key in /etc/exim4/ssl/. Enable access privileges for these files:
chown root:root /etc/exim4/ssl/mydomain.ru.crt chmod 644 /etc/exim4/ssl/mydomain.ru.crt chown Debian-exim:Debian-exim /etc/exim4/ssl/mydomain.ru.key chmow 400 /etc/exim4/ssl/mydomain.ru.key
Where mydomain.ru.crt is the certificate name and mydomain.ru.key is the name of the file with the key.
Open the exim4.conf.template file for editing:
vi /etc/exim4/exim4.conf.template
Make the following edit:
tls_certificate = /etc/exim4/ssl/domain.ru.crt tls_privatekey = /etc/exim4/ssl/domain.ru.key
Restart the mail server using the command:
service exim4 restart
Dovecot Mail Server
Copy the SSL certificate file in /etc/dovecot/ and the file with the key in /etc/dovecot/private/. Enable access privileges for these files:
chown root:dovecot /etc/dovecot/mydomain.ru.crt chmod 644 /etc/dovecot/mydomain.ru.crt chown root:dovecot /etc/dovecot/private/mydomain.ru.key chmod 600 /etc/dovecot/private/mydomain.ru.key
Where mydomain.ru.crt is the certificate name and mydomain.ru.key is the name of the file with the key.
Open the 10-ssl.conf file for editing:
vi /etc/dovecot/conf.d/10-ssl.conf
Make the following edit:
ssl = yes ssl_cert = </etc/dovecot/mydomain.ru.crt ssl_key = </etc/dovecot/private/mydomain.ru.key
Restart the mail server using the command:
service dovecot restart