Changeset - 57667a2c528b
Branko Majic (branko) - 9 years ago 2015-04-07 23:02:54
branko@majic.rs
MAR-4: Updated instructions for setting-up the TLS stuff on mail server (keys, certs).
1 file changed with 16 insertions and 0 deletions:
docs/testsite.rst
 
@@ -98,5 +98,21 @@ system:
 
  ``/etc/ssl/certs/truststore.pem`` (*root:root, 644*). After that, restart the
 
  servics ``dovecot`` and ``postfix``.
 

	
 
* On ``mail.example.com``:
 

	
 
  * Create TLS private key for SMTP in location
 
    ``/etc/ssl/private/mail.example.com_smtp.pem`` (*root:openldap, 640*).
 
  * Create TLS certificate for SMTP in location
 
    ``/etc/ssl/certs/mail.example.com_smtp.pem`` (*root:root, 644*).
 
  * Create TLS private key for IMAP in location
 
    ``/etc/ssl/private/mail.example.com_imap.pem`` (*root:openldap, 640*).
 
  * Create TLS certificate for IMAP in location
 
    ``/etc/ssl/certs/mail.example.com_imap.pem`` (*root:root, 644*).
 
  * Install a truststore that contains the CA certifciate which has issued the
 
    LDAP certificate in location ``/etc/ssl/certs/truststore.pem`` (*root:root,
 
    644*).
 
  * After all files are in place, re-run the ``site.yml`` playbook in order to
 
    restart necessary services etc.
 

	
 
For more details on how the playbooks and configuration have been implemented,
 
feel free to browse the test site files (in directory ``testsite``).
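Review bot: The two private key bullets in the new ``mail.example.com`` list (``mail.example.com_smtp.pem`` and ``mail.example.com_imap.pem``) specify *root:openldap, 640*, which gives the ``openldap`` group read access to the mail server's TLS private keys. The services named in the surrounding text are ``dovecot`` and ``postfix``, so unless those services read the keys through that group, this looks like a leftover from an LDAP step. Suggest documenting the group the mail services actually need, or *root:root, 600* if the keys are only read as root. The list also does not say why the mail server needs the truststore for the CA that issued the LDAP certificate; a short clause stating which service uses it would help. Minor: "certifciate" in the truststore bullet should be "certificate", and the unchanged line just above the list has "servics".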