From bfe70de0c86b3359fbd9281d937e46871b9555d6 Mon Sep 17 00:00:00 2001
From: Sebastian Straub <sebastian-straub@gmx.net>
Date: Sat, 1 Oct 2016 15:49:10 +0200
Subject: [PATCH] how to add your own certificates

---
 docs/content/config/security/ssl.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/docs/content/config/security/ssl.md b/docs/content/config/security/ssl.md
index 67324121..da03e1b9 100644
--- a/docs/content/config/security/ssl.md
+++ b/docs/content/config/security/ssl.md
@@ -2,6 +2,7 @@ There are multiple options to enable SSL:
 
 * using [letsencrypt](https://letsencrypt.org/) (recommended)
 * using self-signed certificates with the provided tool
+* using your own certificates
 
 After installation, you can test your setup with [checktls.com](https://www.checktls.com/TestReceiver).
 
@@ -47,6 +48,21 @@ To use the certificate:
 * add `SSL_TYPE=self-signed` to your container environment variables
 * if a matching certificate (files listed above) is found in `config/ssl`, it will be automatically setup in postfix and dovecot. You just have to place them in `config/ssl` folder.
 
+### Custom certificate files
+
+You can also provide your own certificate files. Add these entries to your `docker-compose.yml`:
+
+    volumes:
+      - /etc/ssl:/tmp/ssl:ro
+    environment:
+    - SSL_TYPE=manual
+    - SSL_CERT_PATH=/tmp/ssl/cert/public.crt
+    - SSL_KEY_PATH=/tmp/ssl/private/private.key
+
+This will mount the path where your ssl certificates reside as read-only under `/tmp/ssl`. Then all you have to do is to specify the location of your private key and the certificate.
+
+Please note that you may have to restart your mailserver once the certificates change.
+
 ### Testing certificate
 
 From your host: