First you should learn how to首先你应该了解如何 create a self-signed certificate using OpenSSL创建一个自签名证书使用OpenSSL的 (free). (免费) 。 After that it is a simple matter of copying the files to appropriate location and enabling dovecot to use SSL authentication.之后,这是一件简单的事,复制档案,以适当的位置,使dovecot使用SSL验证。 Let’s look at the details.让我们看看细节。

First you need to find the location to place the certificate and key file.首先,您需要找到的位置,把证书和密钥文件。 Open dovecot.conf file (Location: /etc/dovecot.conf) and search for pem.开放dovecot.conf文件(地点:在/ etc / dovecot.conf )和搜索的PEM 。 You will find two lines like:你会发现两条线,例如:

#ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem # ssl_cert_file =在/ etc /公匙基建/ dovecot /证书/ dovecot.pem
#ssl_key_file = /etc/pki/dovecot/private/dovecot.pem # ssl_key_file =在/ etc /公匙基建/ dovecot /私营/ dovecot.pem

These indicate the default location of the key and certificate file.这些表明,默认位置的关键和证书文件。
Note: You are likely to find that there is already a certificate installed if you have used a software like yum or apt to install dovecot.注意:您很可能会发现有已经是一个证书已安装,如果您曾经使用的软件一样,荫或apt安装dovecot 。 However you will most likely find that the certificate was installed with an incorrect common name which may cause your email client (like Thunderbird) to prompt for permission everytime you check mails.然而,您将最有可能找到该证书是安装一不正确共同的名称,这可能造成您的电子邮件客户端(如雷鸟)为提示许可,您每次检查邮件。

Assume you have created the self-signed certificate named ca.crt and your key is named ca.key.假设您已经创建了自签名证书命名为ca.crt和您的关键是名为ca.key 。
Now replace (after saving a backup) the existing, if available, ssl certificate file, in my case /etc/pki/dovecot/certs/dovecot.pem, with ca.crt (after renaming obviously).现在取代(后节省备份)现有的,如果可用, SSL证书文件,在我的案件的/ etc /公匙基建/ dovecot /证书/ dovecot.pem ,与ca.crt (后改名为明显) 。 Similarly replace the existing, if available, key file (in my case /etc/pki/dovecot/private/dovecot.pem) with ca.key (after renaming).同样地取代现有的,如果可用,关键文件(在我的案件的/ etc /公匙基建/ dovecot /私营/ dovecot.pem )与ca.key (后改名) 。

Now open dovecot.conf and search for protocols.现在开放dovecot.conf和搜索协议。 Ensure that the line is as follows:确保该线如下:
protocols = imaps pop3s 议定书= imaps pop3s
Note: This disables regular pop3 & imap server.注意:此禁用定期的POP3及IMAP服务器。 Add them too if you must.他们添加太多如果您必须。

Ensure that the ssl_cert_file and ssl_key_file parameters are pointing to the right file as explained above.确保该ssl_cert_file和ssl_key_file参数是指向正确的文件正如以上所解释的。

Now restart the dovecot server which in my case is simply:现在重新启动dovecot服务器在我的情况很简单:
/sbin/service dovecot restart / sbin /服务dovecot重新启动

You should now be able to use secure POP3 & IMAP with dovecot.现在,您应该可以使用安全的POP3及IMAP的与dovecot 。