When i check the mail, always there is warning about pop certificates. by default ubuntu uses an auto generated certifcate to "localhost". I tested one way to fixed it but i not sure that is it the right way to do it. -------------------------------------------- sudo cat /etc/postfix/smtpd.cert > pop3d.pem sudo openssl gendh >> pop3d.pem sudo cat /etc/postfix/smtpd.key >> pop3d.pem sudo chmod 600 pop3d.pem --------------------------------------------- them i replace the default pop3d.pem at /etc/couirer and restart the service. Thanks.
The error message is likely more due to the fact that the certificate is self-signed and therefore no trusted. You would need to purchase a certificate to make the error disappear properly. Alternatively you can just save the certificate in your mail client and it will never ask again (basically you tell your mail client that you do trust the cert).
Thats right, but i was talking about when the pop server and the hostname of the certificate are no the same. The default certificate is for "localhost", and the pop server is like "mail.mydomain.com" then there is the warning, because the conection is for a host named "mail.mydomain.com" and the certificate is for "localhost". I tested that and it works. thanks.
*correction* to falko's post that command was mkimapdcert I think the solution you want alonco is to: change /usr/lib/courier/imapd.cnf and /usr/lib/courier/pop3d.cnf to the values you want, then delete /usr/lib/courier/imapd.pem and /usr/lib/courier/pop3d.pem, run both mkimapdcert and mkpop3dcert and finally copy both /usr/lib/courier/imapd.cnf and /usr/lib/courier/pop3d.cnf to the /etc/courier/ dir replacing the two active certificates. Using this method I have managed to remove the warnings for one domain, but not figured out how to do this for each of my domains. Any suggestions?
By the way, I am having no problems with the POP & IMAP certificates but my SMTP one keeps the localhost as the fully qualified domain name, here is what falko's tutorial says: Code: cd /etc/postfix openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 365 -x509 <-- Enter your Country Name (e.g., "DE"). <-- Enter your State or Province Name. <-- Enter your City. <-- Enter your Organization Name (e.g., the name of your company). <-- Enter your Organizational Unit Name (e.g. "IT Department"). <-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com"). <-- Enter your Email Address. chmod o= /etc/postfix/smtpd.ke however I am never asked the question Code: <-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com"). **EDIT** That was me being stupid, I wasn't asked the exact questions above, instead I was asked something along the lines of Code: <-- Your Name Turns out these are one and the same thing.
