darnit, now you've got my curiosity peeked again ;) my "man imapd.conf" has no information about the tls_key_file.... stuff.
any recommendations on type of cert/key to make? RSA? Jeff > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Amos Gouaux > Sent: Thursday, March 07, 2002 10:13 PM > To: [EMAIL PROTECTED] > Subject: Re: cyrus and SSL/stunnel > > > >>>>> On Thu, 7 Mar 2002 21:40:50 -0800, > >>>>> Jeff Bert <[EMAIL PROTECTED]> (jb) writes: > > jb> I'm trying to get cyrus secured via SSL using stunnel and haven't been > jb> successful yet... this is what I've tried: > > jb> editted cyrus.conf: > > jb> SERVICES { > jb> ... > jb> ... > jb> pop3 cmd="/usr/sbin/stunnel -p > /etc/stunnel/stunnel.pem -l pop3d" > jb> listen="pop3" prefork=0 > jb> ... > jb> ... > jb> } > > jb> is anything like this possible? i need it secured via SSL for > Windoze users. > > You're working too hard. You can provide SSL (TLS) alternatives > like this: > > SERVICES { > ... > imaps cmd="imapd -s" listen="imaps" prefork=0 > ... > pop3s cmd="pop3d -s" listen="pop3s" prefork=0 > ... > } > > Then tell Cyrus where to find the certs using the imapd.conf > settings tls_key_file, tls_cert_file, tls_ca_path, and tls_ca_file. > See imapd.conf(5) for more info. Oh, and don't forget to list the > ports in /etc/services: > > imaps 993/tcp # imap via ssl > pop3s 995/tcp # pop via ssl > > > -- > Amos > >
