Commit e683fa52 authored by Sam Varshavchik's avatar Sam Varshavchik

Bump version, add TLS_PRIVATE_KEYFILE to courier/esmtpd config files.

parent d57c2047
......@@ -4,7 +4,7 @@ dnl Copyright 1998 - 2018 Double Precision, Inc. See COPYING for
dnl distribution information.
AC_PREREQ(2.59)
AC_INIT(courier-imap, 5.0.0, [courier-imap@lists.sourceforge.net])
AC_INIT(courier-imap, 5.0.0.20180927, [courier-imap@lists.sourceforge.net])
AC_CONFIG_SRCDIR(libs/imap/imapd.c)
AC_CONFIG_HEADERS(config.h)
AM_INIT_AUTOMAKE
......
2018-09-24 Sam Varshavchik <mrsam@courier-mta.com>
* couriertls: additional fixes.
2018-09-24 Yoshinari Takaoka <mumumu@mumumu.org>
* couriertls: option to use a separate file for the SSL certificate's
private key, as an alternative to the combined keyfile+certificate.
1.0
2018-08-23 Sam Varshavchik <mrsam@courier-mta.com>
......
......@@ -5,7 +5,7 @@ dnl distribution information.
AC_PREREQ(2.59)
AC_INIT(courier, 1.0, [courier-users@lists.sourceforge.net])
AC_INIT(courier, 1.0.0.20180927, [courier-users@lists.sourceforge.net])
version=$PACKAGE_VERSION
AC_CONFIG_SRCDIR(courier/courier.c)
AM_INIT_AUTOMAKE
......
......@@ -373,6 +373,23 @@ ESMTP_PREFER_IPV6_MX=1
#
# TLS_CERTFILE=
##NAME: TLS_PRIVATE_KEYFILE:0
#
# TLS_PRIVATE_KEYFILE - SSL/TLS private key for the client certificate.
# This file must be owned by the "@mailuser@" user, and must not be world
# readable.
#
# By default, courier generates SSL/TLS certifice including private key
# and install it in TLS_CERTFILE path, so TLS_PRIVATE_KEYFILE is completely
# optional. If TLS_PRIVATE_KEYFILE is not set (default), TLS_CERTFILE is
# treated as certificate including private key file.
#
# If you get SSL/TLS certificate and private key from trusted certificate
# authority(CA) and want to install them separately, TLS_PRIVATE_KEYFILE can
# be used as private key file path setting.
#
#
#TLS_PRIVATE_KEYFILE=@certsdir@/imapd_private_key.pem
##NAME: TLS_TRUSTCERTS:1
#
......
......@@ -238,6 +238,44 @@ COURIERTLS=@bindir@/couriertls
TLS_CERTFILE=@mydatadir@/esmtpd.pem
##NAME: TLS_PRIVATE_KEYFILE:0
#
# TLS_PRIVATE_KEYFILE - SSL/TLS private key for decrypting peer data.
# This file must be owned by the "@mailuser@" user, and must not be world
# readable.
#
# By default, courier generates SSL/TLS certifice including private key
# and install it in TLS_CERTFILE path, so TLS_PRIVATE_KEYFILE is completely
# optional. If TLS_PRIVATE_KEYFILE is not set (default), TLS_CERTFILE is
# treated as certificate including private key file.
#
# If you get SSL/TLS certificate and private key from trusted certificate
# authority(CA) and want to install them separately, TLS_PRIVATE_KEYFILE can
# be used as private key file path setting.
#
# VIRTUAL HOSTS ON THE SAME IP ADDRESS.
#
# $TLS_PRIVATE_KEYFILE.domain and $TLS_CERTFILE.domain are a pair.
# If you use VIRTUAL HOST feature on TLS_CERTFILE setting, you must set pair
# private key as $TLS_PRIVATE_KEYFILE.domain. Then, create a link from
# $TLS_PRIVATE_KEYFILE to whichever private key you consider to be the main one.
# for example:
# /etc/tls_private_keyfile.pem => /etc/tls_private_keyfile.pem.www.example.com
#
# IP-BASED VIRTUAL HOSTS:
#
# Just described on "VIRTUAL HOSTS ON THE SAME IP ADDRESS" above,
# $TLS_PRIVATE_KEYFILE.aaa.bbb.ccc.ddd and $TLS_CERTFILE.aaa.bbb.ccc.ddd are
# a pair. If TLS_PRIVATE_KEYFILE is set to /etc/tls_private_keyfile.pem,
# then you'll need to install the actual certificate files as
# /etc/tls_private_keyfile.pem.192.168.0.2, /etc/tls_private_keyfile.192.168.0.3
# and so on, for each IP address.
#
# In all cases, $TLS_PRIVATE_KEYFILE needs to be linked to one of the existing
# certificate files.
#
#TLS_PRIVATE_KEYFILE=@certsdir@/imapd_private_key.pem
##NAME: TLS_DHPARAMS:0
#
# TLS_DHPARAMS - DH parameter file.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment