how to add your own certificates

This commit is contained in:
Sebastian Straub 2016-10-01 15:49:10 +02:00
parent 913fc7e4e2
commit bfe70de0c8

View file

@ -2,6 +2,7 @@ There are multiple options to enable SSL:
* using [letsencrypt](https://letsencrypt.org/) (recommended) * using [letsencrypt](https://letsencrypt.org/) (recommended)
* using self-signed certificates with the provided tool * using self-signed certificates with the provided tool
* using your own certificates
After installation, you can test your setup with [checktls.com](https://www.checktls.com/TestReceiver). After installation, you can test your setup with [checktls.com](https://www.checktls.com/TestReceiver).
@ -47,6 +48,21 @@ To use the certificate:
* add `SSL_TYPE=self-signed` to your container environment variables * add `SSL_TYPE=self-signed` to your container environment variables
* if a matching certificate (files listed above) is found in `config/ssl`, it will be automatically setup in postfix and dovecot. You just have to place them in `config/ssl` folder. * if a matching certificate (files listed above) is found in `config/ssl`, it will be automatically setup in postfix and dovecot. You just have to place them in `config/ssl` folder.
### Custom certificate files
You can also provide your own certificate files. Add these entries to your `docker-compose.yml`:
volumes:
- /etc/ssl:/tmp/ssl:ro
environment:
- SSL_TYPE=manual
- SSL_CERT_PATH=/tmp/ssl/cert/public.crt
- SSL_KEY_PATH=/tmp/ssl/private/private.key
This will mount the path where your ssl certificates reside as read-only under `/tmp/ssl`. Then all you have to do is to specify the location of your private key and the certificate.
Please note that you may have to restart your mailserver once the certificates change.
### Testing certificate ### Testing certificate
From your host: From your host: