On Sep 28, 2006, at 6:13 PM, Vapor wrote:
>> If you move a certificate from one server to another you may have
>> to get a new one re-issued.
>>
>> Certificate security is pretty tight to prevent fraud sights wrongly
>> being identified as kosher sites.
>
> I'm very familiar with Thawte SSL certs in a web context but not
> others and can say
> that Thawtes can be moved without issue as long as the domain used
> upon is as issued.
Are you sure that it isn't the case, that the "private" server.key file
must also be moved or copied, along with the issued SSL cert file?
> Well, it's technically doable at least with self signed certs so I'm
> half happy. Just
> need to work out how to get dovecot to use certs for the domain in
> question rather than
> just the one pointed to in the conf file. Maybe dovecot.conf allows
> environmental vars
> so certs could be referred to with local relative paths to a
> users/domains "home"?
>
I have found this page very helpful:
http://www.herongyang.com/crypto/openssl_verify.html
Actually the whole site is helpful when dealing with SSL!
Cordially
Patrick Giagnocavo
patrick (at mark) zill.net