Create Securing data for IMAPS
1.檢視dovecote.pem 預設之資料
[root@sot certs]#cd /usr/share/ssl/certs
[root@sot certs]#openssl x509 -subject -noout < dovecour.pem
root@localhost.localdomain
2.產生一組新的Key內含所需資料
[root@sot certs]# make dovecot.pem
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -newkey rsa:1024 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 ; \
cat $PEM1 > dovecot.pem ; \
echo "" >> dovecot.pem ; \
cat $PEM2 >> dovecot.pem ; \
rm -f $PEM1 $PEM2
Generating a 1024 bit RSA private key
.....++++++
..............................++++++
writing new private key to '/tmp/openssl.SH2798'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:US
umask 77 ; \
PEM1=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
PEM2=`/bin/mktemp /tmp/openssl.XXXXXX` ; \
/usr/bin/openssl req -newkey rsa:1024 -keyout $PEM1 -nodes -x509 -days 365 -out $PEM2 ; \
cat $PEM1 > dovecot.pem ; \
echo "" >> dovecot.pem ; \
cat $PEM2 >> dovecot.pem ; \
rm -f $PEM1 $PEM2
Generating a 1024 bit RSA private key
.....++++++
..............................++++++
writing new private key to '/tmp/openssl.SH2798'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:Tennessee
Locality Name (eg, city) [Newbury]:Knoxville
Organization Name (eg, company) [My Company Ltd]:Red Hat
Organizational Unit Name (eg, section) []:GLS
Common Name (eg, your name or your server's hostname) []:sot.exam.com (此值必須和主機實際host 想同)
Email Address []:root@sot.exam.com
Locality Name (eg, city) [Newbury]:Knoxville
Organization Name (eg, company) [My Company Ltd]:Red Hat
Organizational Unit Name (eg, section) []:GLS
Common Name (eg, your name or your server's hostname) []:sot.exam.com (此值必須和主機實際host 想同)
Email Address []:root@sot.exam.com
3.檢視剛才所建立之pem文件
[root@sot certs]# openssl x509 -subject -noout < dovecot.pem
subject= /C=US/ST=Tennessee/L=Knoxville/O=Red Had/OU=GLS/CN=sot.exam.com/emailAddress=root@sot.exam.com
4.複製dovecot.pem
[root@sot certs]# cp /usr/share/ssl/certs/dovecot.pem /usr/share/ssl/private/
[root@sot certs]#
5.啟動IMAPS 通訊協定
[root@sot certs]# vi /etc/dovecot.conf
第14行增加imap imaps 協定
protocols = imap imaps
6.重新啟動dovecot 服務
[root@sot etc]# service dovecot restart
停止 Dovecot Imap: [確定]
啟動 Dovecot Imap: [確定]
[root@sot etc]#
7.測試
[root@sot etc]# mutt -f {root@sot.exam.com}
全站熱搜
留言列表
程式開發 (4)
