Regional offices::
preferred Partners:
You are here > Support > SSL Certificates > UW-IMAP > IMAP Server > Install certificate

Installation of a certificate for UW IMAP

For possible file locations on different operating systems, please see the list below. The standard location is called <ssl-base-dir>.

UW IMAP uses one single .pem file for certificates, in this file the Private Key file is combined with the Certificate file, usually this file is called:  imapd.pem

After you receive the certificate file by e-mail, open the file in a text editor like Notepad and copy the entire content (including the dashed lines at the beginning and end) . Open the Private Key file (which was created while you generated the CSR file) and paste the content of the certifcate file underneath the private key data to create one single .pem file.

The imapd.pem file should like like this:

-----BEGIN RSA PRIVATE KEY-----
ABCDEF......
  rest of key encoded here
....XYZ==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
ABCDE......
  rest of certificate encoded here
....XYZ=
-----END CERTIFICATE-----

Configuration of the server:

1. Fingerprint

openssl x509 -noout -fingerprint -in ca-certificate-file

2: Make sure the CA file is in  <ssl-base-dir>certs/ and run the hash command:

openssl x509 -noout -hash -in ca-certificate-file

3. Create a symbolic link so the certificate can be found by openSSL.

Example : 

dbed1725.0 pointing to your-ca.pem

(dbed1725 is the hash of the CA certificate)

Or:

ln -s my_ca.crt `openssl x509 -hash -noout -in my_ca.crt`.0
To test your installation:
openssl verify -CApath <ssl-base-dir>certs server-certificate-file

If all went well you should get the following response:

your-herald2-server.pem: OK  

Possible file locations for certs at several different operating systems:

  • AIX, OpenSSL 0.9.6 (from OpenSSH support packages) /var/ssl/
  • Centos 3 / 4, OpenSSL 0.9.7 /usr/share/ssl/
  • Cygwin, OpenSSL 0.9.6 /usr/ssl/
  • Debian Woody, OpenSSL 0.9.6 /etc/ssl/
  • Debian Sarge, OpenSSL 0.9.7 /etc/ssl/
  • Debian Etch, OpenSSL 0.9.8 /etc/ssl/
  • FreeBSD, OpenSSL 0.9.x /usr/local/openssl/
  • Gentoo, OpenSSL 0.9.6 /usr/lib/ssl/
  • Gentoo, OpenSSL 0.9.7 /etc/ssl/
  • Mac OS X 10.1.2, OpenSSL 0.9.6b /System/Library/OpenSSL/
  • Mandrake 7.1 -> 8.2, OpenSSL 0.9.6 /usr/lib/ssl/
  • NetBSD, OpenSSL 0.9.x /etc/openssl/
  • Normal OpenSSL Tarball Build, OpenSSL 0.9.6 /usr/local/ssl/
  • OpenBSD, OpenSSL 0.9.x /etc/ssl/
  • Redhat 6.2 / 7.x / 8.0 / 9, OpenSSL 0.9.6 /usr/share/ssl/
  • Redhat Enterprise 3 / 4, OpenSSL 0.9.7 /usr/share/ssl/
  • Redhat Fedora Core 2 / 3, OpenSSL 0.9.7 /usr/share/ssl/
  • Redhat Fedora Core 4, OpenSSL 0.9.7 /etc/pki/tls/
  • Redhat Fedora Core 5 / 6, OpenSSL 0.9.8 /etc/pki/tls/
  • Slackware, OpenSSL 0.9.6 /etc/ssl/
  • SuSE 7.3 / 8.0, OpenSSL 0.9.6 /usr/share/ssl/
  • SuSE 8.1 / 8.2, OpenSSL 0.9.6 /etc/ssl/

Standaard OpenSSL 0.9.x <prefix>/ssl/ 







(c) Networking4all B.V. All rights reserved
This site is managed by GlobalSign preferred partner Networking4all.