I hope I'm asking this on the right list, in the right place. I go through this every three years and for whatever reason keep forgetting to record how this works! In the Dovecot config, there are two places to define SSL certificates--ssl_cert_file and ssl_key_file. My question is this: Which two of the three files--the certifying authority, the signed certificate for the specific system, and the private certificate file--are combined to create the file that goes with ssl_cert_file? Since there are six possible permutations to answer this question (because order of files matters), which two go with ssl_crt_file and in what order? I have a private certificate file, the certifying authority's .CRT file, and the certifying authority's signed .PEM file which contains the system's certified certificate. Thanks in advance.
Am 10.06.2015 um 13:53 schrieb Steve Matzura:> I hope I'm asking this on the right list, in the right place. I go > through this every three years and for whatever reason keep forgetting > to record how this works! > > In the Dovecot config, there are two places to define SSL > certificates--ssl_cert_file and ssl_key_file. My question is this: > Which two of the three files--the certifying authority, the signed > certificate for the specific system, and the private certificate > file--are combined to create the file that goes with ssl_cert_file? > Since there are six possible permutations to answer this question > (because order of files matters), which two go with ssl_crt_file and > in what order? I have a private certificate file, the certifying > authority's .CRT file, and the certifying authority's signed .PEM file > which contains the system's certified certificate. > > Thanks in advance. >The private certificate is separate and defined by "ssl_key". The signed certificate for your domain and the CA's intermediate certificate are combined in 1 file and defined by "ssl_cert". The signed certificate is placed at top and the intermediate certificate next. -- Alex JOST