Merge 6e6ef285f0 into b2ccd99e51
This commit is contained in:
Dimitri KOPRIWA
GitHub
commit
f4455be96e
24
README.md
24
README.md
|
|
@ -140,6 +140,30 @@ Otherwise, `iptables` won't be able to ban IPs.
|
|||
- custom => Enables custom certificates
|
||||
- self-signed => Enables self-signed certificates
|
||||
|
||||
__custom__
|
||||
|
||||
Mount your certs :
|
||||
|
||||
-v ./certs/$(hostname)-full.pem:/tmp/docker-mailserver/ssl/$(hostname)-full.pem -v ./certs/$(hostname)-key.pem:/tmp/docker-mailserver/ssl/$(hostname)-key.pem
|
||||
|
||||
with :
|
||||
|
||||
- $(hostname)-full.pem : your certificate + intermediate certificate
|
||||
- $(hostname)-key.pem : your certificate private key
|
||||
|
||||
__self-signed__
|
||||
|
||||
-v ./certs/$(hostname)-full.pem:/tmp/docker-mailserver/ssl/$(hostname)-cert.pem -v ./certs/$(hostname)-key.pem:/tmp/docker-mailserver/ssl/$(hostname)-key.pem
|
||||
-v ./certs/$(hostname)-full.pem:/tmp/docker-mailserver/ssl/$(hostname)-combined.pem -v ./certs/demoCA/cacert.pem:/tmp/docker-mailserver/ssl/demoCA/cacert.pem
|
||||
|
||||
with :
|
||||
|
||||
- $(hostname)-cert.pem : your generated certificate
|
||||
- $(hostname)-key.pem : your certificate private key
|
||||
- $(hostname)-combined.pem : your generate certificate + cacert
|
||||
- demoCA/cacert.pem : your csr (self signed intermediate certificate)
|
||||
|
||||
|
||||
Please read [the SSL page in the wiki](https://github.com/tomav/docker-mailserver/wiki/Configure-SSL) for more information.
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -147,14 +147,15 @@ case $SSL_TYPE in
|
|||
echo "Adding $(hostname) SSL certificate"
|
||||
mkdir -p /etc/postfix/ssl
|
||||
cp "/tmp/docker-mailserver/ssl/$(hostname)-full.pem" /etc/postfix/ssl
|
||||
cp "/tmp/docker-mailserver/ssl/$(hostname)-key.pem" /etc/postfix/ssl
|
||||
|
||||
# Postfix configuration
|
||||
sed -i -r 's/smtpd_tls_cert_file=\/etc\/ssl\/certs\/ssl-cert-snakeoil.pem/smtpd_tls_cert_file=\/etc\/postfix\/ssl\/'$(hostname)'-full.pem/g' /etc/postfix/main.cf
|
||||
sed -i -r 's/smtpd_tls_key_file=\/etc\/ssl\/private\/ssl-cert-snakeoil.key/smtpd_tls_key_file=\/etc\/postfix\/ssl\/'$(hostname)'-full.pem/g' /etc/postfix/main.cf
|
||||
sed -i -r 's/smtpd_tls_key_file=\/etc\/ssl\/private\/ssl-cert-snakeoil.key/smtpd_tls_key_file=\/etc\/postfix\/ssl\/'$(hostname)'-key.pem/g' /etc/postfix/main.cf
|
||||
|
||||
# Dovecot configuration
|
||||
sed -i -e 's/ssl_cert = <\/etc\/dovecot\/dovecot\.pem/ssl_cert = <\/etc\/postfix\/ssl\/'$(hostname)'-full\.pem/g' /etc/dovecot/conf.d/10-ssl.conf
|
||||
sed -i -e 's/ssl_key = <\/etc\/dovecot\/private\/dovecot\.pem/ssl_key = <\/etc\/postfix\/ssl\/'$(hostname)'-full\.pem/g' /etc/dovecot/conf.d/10-ssl.conf
|
||||
sed -i -e 's/ssl_key = <\/etc\/dovecot\/private\/dovecot\.pem/ssl_key = <\/etc\/postfix\/ssl\/'$(hostname)'-key\.pem/g' /etc/dovecot/conf.d/10-ssl.conf
|
||||
|
||||
echo "SSL configured with 'CA signed/custom' certificates"
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue