Redirecting you to
Tech Document Sep 25, 2018

How to Install Certificates on Dovecot IMAP

This article will go into detail on how to install certificates on Dovecot IMAP.

Installing SSL certificates on a Dovecot server is straight forward and simple. Please follow these instructions to install your SSL certificate on a Dovecot IMAP Server:

Step 1: Along with your certificate you may get the root and intermediate certificates. For Dovecot/Exim you need to put all these certificates including your site's certificate into one bundle file in order of decreasing distance from the root.

The "ca-bundle" file already includes the root and intermediates (XYZRSADomainValidationSecureServerCA.crt XYZRSAAddTrustCA.crt AddTrustExternalCARoot.crt).

<code><em> cat domain_com.crt > ssl-bundle.crt</em></code>

In case you have received the root and intermediates certificates separately, run the following command.

<code><em> cat domain_com.crt XYZRSADomainValidationSecureServerCA.crt XYZRSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt</em></code>

If you are Using GUI based Text Editor (Ex: Notepad):

(i) To concatenate the certificate files into single bundle file, first open domainname.crt and files using any text editor.

(ii) Now copy all the content of domainname.crt and paste it on the top of file.

(iii) Now save the file name as 'ssl-bundle.crt'.

Note: If you have not the received the 'ca-bundle' file in the ZIP that we sent you, you can download it from this article's attachments. (End of this page)

Step 2: Add the following to your exim4.conf:

tls_certificate = CONFDIR/ssl/XYZ/ssl-bundle.crt
tls_privatekey = CONFDIR/ssl/XYZ/your_site.key

Step 3: Edit dovecot.conf:

ssl_cert = </etc/dovecot/ssl/XYZ/ssl-bundle.crt
ssl_key = </etc/dovecot/ssl/XYZ/your_site.key