Managing SSL certificates for mail domains
You can use an SSL-certificate for every domain.
When you create or edit a domain, select the “Secure connection (SSL)” checkbox.
You will see a list of available SSL-certificate. If they are not found, you will be able to generate a self-signed certificate.
Setup and configuration
- Navigate to the /usr/local/mgr5/etc/ispmgr.conf.d directory, and edit two files:
exim.conf. Add the following string at the end of the configuration file
dovecot.conf. Add the following string at the end of the configuration file
- Edit the Dovecot configuration file
/path_to_dovect/conf.d/10-ssl.conf. Add the following information:
- Edit the Exim configuration file:
/path_to_exim/exim.conf. Edit the SSL settings:
Location of certificates
By default all user certificates are located in /var/www/httpd-cert/user_name.
After domain registration or creation, certificates will be activated as follows:
Exim — copies of the certificate and key are created in the /path_to_exim/ssl directory
named domain_name.crt and domain_name.key
Dovecot — symlinks to the certificate and key are created in the /etc/email/certs directory
named domain_name.crt and domain_name.key correspondingly.
The domain_name.conf configuration files are created in the /path_to_dovecot/certs directory with the following strings:
Editing top-level certificate
During preliminary setup of Exim and Dovecot, a single, “top-level” certificate is activated. A server administrator can edit it.
Navigate to Domains ->Mail domains and click the SSL certificate button.
On the form that will open, you will see the SSL certificate, its key and chain will be displayed. You can edit those data and save the result.
Navigate to Cluster settings ->Cluster nodes. The SSL certificate button will get activated after you assign a mail role to that cluster node. Then you can perform the same operations as in ISPmanager Lite.