Hi, I've to build a new SSL certificate for my cyrus 2.2.13. I'm using a Thawte SSL123 certificate. Since the CAs changed to intermediate certificates, I'd like to be sure to do the right steps for an update and not running into problems with imaps and pop3s clients: 1. modify /etc/imapd.conf. Using tls_ca_file for the intermediate certificate file: tls_cert_file: /etc/mail/tls/mx.myserver.de.thawte.crt tls_key_file: /etc/mail/tls/mx.myserver.de.thawte.key tls_ca_file: /etc/ssl/certs/SSL123_CA_Bundle.pem tls_ca_path: /etc/ssl/certs I've found a howto on the thawte.nl website http://www.thawte.nl/fr/support/manuals/cyrus/cyrus+imap+server/install +certificate/ which puts private key, certification and the intermediate certificate file in one .pem file and uses this combined file for tls_cert_file, tls_key_file and tls_ca_file. Good way? 2. check databases /usr/sbin/ctl_cyrusdb -c 3. shut down cyrus (and may be backup /var/lib/cyrus) 4. do I have to remove /var/lib/cyrus/tls_sessions.db ? 5. start cyrus again Any comments are welcome. System debian/lenny: cyrus-admin-2.2 2.2.13-14+lenny3 cyrus-common-2.2 2.2.13-14+lenny3 cyrus-imapd-2.2 2.2.13-14+lenny3 cyrus-pop3d-2.2 2.2.13-14+lenny3 libcyrus-imap-perl22 2.2.13-14+lenny3 Ciao, Marcus ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
