1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

RE: SSL cert for SSMTP

Discussion in 'Plesk 9.x for Linux Issues, Fixes, How-To' started by dlynes, Sep 27, 2009.

  1. dlynes

    dlynes Guest

    0
     
    Just wondering whereabouts I would install the SSL certificate for Secure SMTP?

    Going into general settings, and then certificates, and then enable cert for plesk panel or for default cert for new servers doesn't seem to do it. Going into the domain settings, and then certificates, and creating the cert in there doesn't seem to work either.

    I've been able to find instructions on how to do it for web servers, but not for the SSMTP service.

    Thank you.
     
  2. Satoriya

    Satoriya Guest

    0
     
    Please, review the KB http://kb.odin.com/en/1062, it explains how to apply a certificate to use it for SMTP (in case if Qmail is used as MTA), POP3 and IMAP connections.
     
  3. steve s

    steve s Guest

    0
     
    Resolution

    The certificate for SMTP over SSL is located in /var/qmail/control/servercert.pem file.

    For IMAP4 and POP3 over SSL the following certificate files are used accordingly:

    /usr/share/courier-imap/imapd.pem
    /usr/share/courier-imap/pop3d.pem

    By default these are self-signed certificates for the Plesk Control Panel. If you need to setup your own certificates, you should copy your certificate and private key into the appropriate files and restart qmail and/or courier-imap services.

    Make sure to specify the domain name for the certificate in order to avoid "domain name mismatch" warnings. For example, if the certificate was issued for the 'mt-example.com' domain, then you should specify 'mt-example.com' in your mail client preferences for SMTP/POP3/IMAP servers.

    Additional information

    The /var/qmail/control/servercert.pem file should include the following:

    1. The private key
    2. The primary certificate
    3. The intermediate certificate
    4. The root certificate


    Make sure that you include the begin and end tags of the key and each certificate including the dash lines. The resulting text should look like this:



    -----BEGIN RSA PRIVATE KEY-----
    ..........
    (Your Private Key here)
    ..........
    -----END RSA PRIVATE KEY-----
    -----BEGIN CERTIFICATE-----
    ..........
    (Your Primary SSL certificate here)
    ..........
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    ..........
    (Your Intermediate certificate here)
    ..........
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    ..........
    (Your Root certificate here)
    ..........
    -----END CERTIFICATE-----

    Body of SSL certificate in /usr/share/courier-imap/imapd.pem and /usr/share/courier-imap/pop3d.pem should look like this:

    -----BEGIN CERTIFICATE-----
    MIIB8TCCAZsCBEUpHKkwDQYJKoZIhvcNAQEEBQAwgYExCzAJBgNVBAYTAlJPMQww
    ............
    ............
    eNpAIeF34UctLcHkZJGIK6b9Gktm
    -----END CERTIFICATE-----
    -----BEGIN RSA PRIVATE KEY-----
    MIICXgIBAAKBgQDv6i/mxtS2B2PjShArtOAmdRoEcCWa/LH1GcrbW14zdbmIqrxb
    ..........
    ..........
    faXRHcG37TkvglUZ3wgy6eKuyrDi5gkwV8WAuaoNct5j5w==
    -----END RSA PRIVATE KEY-----


    Thanks,
    Steve
    thesslstore
    Rapidsslonline
     
  4. nill s

    nill s New Pleskian

    19
     
    Joined:
    Nov 6, 2009
    Messages:
    2
    Likes Received:
    0
    Location:
    Newark, DE, USA
    Hello dlynes..

    ClickSSL.com is the best solution for your problem.
    You can find the best Certificate to secure your SSMTP.
     
Loading...