github-com-docker-mailserver/docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2024-01-19 02:48:50 +00:00
Code Issues Projects Releases Wiki Activity

Simplified documentation. Ready to go.

Browse source
This commit is contained in:
Thomas VIAL 2015-12-05 18:01:58 +01:00
parent fe55350645
commit 9a869919ec
1 changed files with 28 additions and 41 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
SSL.md
View file

@ -2,35 +2,20 @@
There are multiple options to enable SSL: There are multiple options to enable SSL:
* using [letsencrypt](https://letsencrypt.org/) * using [letsencrypt](https://letsencrypt.org/) (recommended)
* using self-signed certificates with the provided tool * using self-signed certificates with the provided tool
## let's encrypt After installation, you can test your setup with [checktls.com](https://www.checktls.com/TestReceiver).
To enable Let's Encrypt on your mail server, you have to add en environment variable `DMS_SSL` with value `letsencrypt` (see `docker-compose.yml.dist`) ## let's encrypt (recommended)
You also have to mount your `letsencrypt` folder to `/etc/letsencrypt` and it should look like that:
├── etc To enable Let's Encrypt on your mail server, you have to:
│   └── letsencrypt
│   ├── accounts
│   ├── archive
│   │   └── mail.domain.com
│   │   ├── cert1.pem
│   │   ├── chain1.pem
│   │   ├── fullchain1.pem
│   │   └── privkey1.pem
│   ├── csr
│   ├── keys
│   ├── live
│   │   └── mail.domain.com
│   │   ├── cert.pem -> ../../archive/mail.domain.com/cert1.pem
│   │   ├── chain.pem -> ../../archive/mail.domain.com/chain1.pem
│   │   ├── combined.pem
│   │   ├── fullchain.pem -> ../../archive/mail.domain.com/fullchain1.pem
│   │   └── privkey.pem -> ../../archive/mail.domain.com/privkey1.pem
│   └── renewal
You don't have anything else to do. * get your certificate using [letsencrypt client](https://github.com/letsencrypt/letsencrypt)
* add an environment variable `DMS_SSL` with value `letsencrypt` (see `docker-compose.yml.dist`)
* mount your `letsencrypt` folder to `/etc/letsencrypt`
You don't have anything else to do. Enjoy.
## self signed certificates ## self signed certificates
@ -58,5 +43,7 @@ You can easily generate a self-signed SSL certificate by using the following com
Note that the certificate will be generate for the container `fqdn`, that is passed as `-h` argument. Note that the certificate will be generate for the container `fqdn`, that is passed as `-h` argument.
Check the following page for more information regarding [postfix and SSL/TLS configuration](http://www.mad-hacking.net/documentation/linux/applications/mail/using-ssl-tls-postfix-courier.xml). Check the following page for more information regarding [postfix and SSL/TLS configuration](http://www.mad-hacking.net/documentation/linux/applications/mail/using-ssl-tls-postfix-courier.xml).
If a matching certificate (files listed above) is found in `postfix/ssl`, it will be automatically setup in postfix and courier-imap-ssl. You just have to place them in `postfix/ssl` folder. To use the certificate:
* add an `DMS_SSL=self-signed` to your container environment variables
* if a matching certificate (files listed above) is found in `postfix/ssl`, it will be automatically setup in postfix and courier-imap-ssl. You just have to place them in `postfix/ssl` folder.