Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added certs installation and information

This commit is contained in:
Dimitri Kopriwa 2016-07-05 17:46:51 +07:00
parent 4c5e757fec
commit 92d2742c9d
2 changed files with 26 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -140,6 +140,30 @@ Otherwise, `iptables` won't be able to ban IPs.
- custom => Enables custom certificates
- self-signed => Enables self-signed certificates
__custom__
Mount your certs :
-v ./certs/$(hostname)-full.pem:/tmp/docker-mailserver/ssl/$(hostname)-full.pem -v ./certs/$(hostname)-key.pem:/tmp/docker-mailserver/ssl/$(hostname)-key.pem
with :
- $(hostname)-full.pem : your certificate + intermediate certificate
- $(hostname)-key.pem : your certificate private key
__self-signed__
-v ./certs/$(hostname)-full.pem:/tmp/docker-mailserver/ssl/$(hostname)-cert.pem -v ./certs/$(hostname)-key.pem:/tmp/docker-mailserver/ssl/$(hostname)-key.pem
-v ./certs/$(hostname)-full.pem:/tmp/docker-mailserver/ssl/$(hostname)-combined.pem -v ./certs/demoCA/cacert.pem:/tmp/docker-mailserver/ssl/demoCA/cacert.pem
with :
- $(hostname)-cert.pem : your generated certificate
- $(hostname)-key.pem : your certificate private key
- $(hostname)-combined.pem : your generate certificate + cacert
- demoCA/cacert.pem : your csr (self signed intermediate certificate)
Please read [the SSL page in the wiki](https://github.com/tomav/docker-mailserver/wiki/Configure-SSL) for more information.

4
target/start-mailserver.sh
View File

@ -150,11 +150,11 @@ case $SSL_TYPE in
# Postfix configuration
sed -i -r 's/smtpd_tls_cert_file=\/etc\/ssl\/certs\/ssl-cert-snakeoil.pem/smtpd_tls_cert_file=\/etc\/postfix\/ssl\/'$(hostname)'-full.pem/g' /etc/postfix/main.cf
sed -i -r 's/smtpd_tls_key_file=\/etc\/ssl\/private\/ssl-cert-snakeoil.key/smtpd_tls_key_file=\/etc\/postfix\/ssl\/'$(hostname)'-full.pem/g' /etc/postfix/main.cf
sed -i -r 's/smtpd_tls_key_file=\/etc\/ssl\/private\/ssl-cert-snakeoil.key/smtpd_tls_key_file=\/etc\/postfix\/ssl\/'$(hostname)'-key.pem/g' /etc/postfix/main.cf
# Dovecot configuration
sed -i -e 's/ssl_cert = <\/etc\/dovecot\/dovecot\.pem/ssl_cert = <\/etc\/postfix\/ssl\/'$(hostname)'-full\.pem/g' /etc/dovecot/conf.d/10-ssl.conf
sed -i -e 's/ssl_key = <\/etc\/dovecot\/private\/dovecot\.pem/ssl_key = <\/etc\/postfix\/ssl\/'$(hostname)'-full\.pem/g' /etc/dovecot/conf.d/10-ssl.conf
sed -i -e 's/ssl_key = <\/etc\/dovecot\/private\/dovecot\.pem/ssl_key = <\/etc\/postfix\/ssl\/'$(hostname)'-key\.pem/g' /etc/dovecot/conf.d/10-ssl.conf
echo "SSL configured with 'CA signed/custom' certificates"