From: "Auteria Wally Winzer Jr." <[EMAIL PROTECTED]>:
> At this point I'm stuck. Here are my questions:
>
> 1. Am I supposed to import the imapd.pem and ipop3d.pem
> onto every clients workstation (Netscape and IE)?
Either that, or get certificates signed by a "proper" CA. You can be
your own CA, but then you have to install your CA's cert on every
client. Actually, it works without either, but then the clients always
have to click away warning messages. And you will be wounerable to a
man-in-the middle...
> 2, Or, am I supposed to import the actual server's cert
> onto every clients workstation (Netscape and IE)?
The only certs into play are imapd.pem and ipop3d.pem.
> 3. Do I have to use an app, such as stunnel or sslwrap
> with imaps/pop3s?
Nope. But are you sure these are in /etc/inetd.conf:
pop3s stream tcp nowait root /usr/local/etc/ipop3d ipop3d
imaps stream tcp nowait root /usr/local/etc/imapd imapd
(if the daemons happen to be installed in "/usr/local/etc" of all
places...)
BTW, cyrus imapd 2.0.x also have SSL/TLS support. That I _know_ to work
:-)
Cheers,
Peter
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
