how to enable TLs encryption only ?

JOYDEEP j.bakshi at unlimitedmail.org
Fri Mar 30 05:02:07 EST 2007


Carsten Mathaes wrote:
> JOYDEEP wrote:
>
>   
>> is it possible to enable the TLs encryption in cyrus ? I don't need the
>> certificate to authenticate the client. only the transportation will be
>> encrypted.
>>     
>
> Hi!
>
> A look at /cyrus-imapd_source/doc/install-configure.html
>   

Hi Carsten,

Thanks a lot for your response. I have already done this with the help
of  Rudy.
Now I want to restrict cyrus so that it only allow TLS encrption and
nothing else.
any suggestion ?
have a nice day.

> shows:
>
> SSL, TLS, and OpenSSL
>
> [...]
>
> Configuring Cyrus with OpenSSL
>
> [...]
>
> 1. openssl req -new -x509 -nodes -out /var/imap/server.pem -keyout
> /var/imap/server.pem -days 365
> [...]
>
> 2. Make sure to make key file(s) readable by the Cyrus user. For
> example: chown cyrus /var/imap/server.pem
>
> 3. Add the following to /etc/imapd.conf to tell the server where to find
> the certificate and key file (used for ALL services):
> tls_cert_file: /var/imap/server.pem
> tls_key_file: /var/imap/server.pem
> [...]
>
> 4. You can test STARTTLS by using imtest:
> imtest -t "" foobar.andrew.cmu.edu
>
> In your imapd.conf I think there must be a line like
> imaps         cmd="imapd -s" listen="imaps" prefork=0
>
>
> More details in your_source-tree/doc/
>
> Ciao!
>
> Carsten.
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
>
>   



More information about the Info-cyrus mailing list