Instructions on how to enable SSL/TLS with a self-signed cert.

Post by DenysNazarenko »

Hi Everyone,

I spent a few days and a lot of time setting up SSL/TLS for MailEnable.
The support of MailEnable was completely useless. :evil:

So I am putting these instructions on the forum to help others solve the
problems.

step 0. Make sure that MailEnable works with normal POP/SMTP.
step 1. Make sure that the ports are open and MailEnable is assigned to these ports.
SMTP over TLS uses port 465.
POP over TLS uses port 995.

You should check the firewall, and after that you can run -

netstat -a -b

to check whether the proper program is assigned to the port -
http://stackoverflow.com/questions/4819 ... on-windows

You should see the following -
TCP 0.0.0.0:465 WIN-KLS73RO8:0 LISTENING
[MESMTPC.EXE]
TCP 0.0.0.0:995 WIN-KLS73RO8:0 LISTENING
[MEPOPS.EXE]

If you do not see this, go to step 2; otherwise go to step 3.

step 2. Enable SSL/TLS in the settings
A few screenshots that explain where you should enable the options:
[3 screenshots, not preserved]
Restart the services and repeat step 1.

step 3. Creating the certificate
Now you need to create a self-signed certificate.
Don't use openssl for this. Instead use Microsoft tools.
Download the .NET 2.0 SDK from this link -
http://www.microsoft.com/en-us/download ... x?id=15354
and follow the instructions on these pages -
http://stackoverflow.com/questions/1944 ... evelopment
http://www.mikeobrien.net/blog/creating ... -wildcard/

In short -

makecert.exe -n "CN=My Company Development Root CA,O=My Company, OU=Development,L=Wallkill,S=NY,C=US" -pe -ss Root -sr LocalMachine -sky exchange -m 120 -a sha1 -len 2048 -r

makecert.exe -n "CN=mysubdomain.mydomain.com" -pe -ss My -sr LocalMachine -sky exchange -m 120 -in "My Company Development Root CA" -is Root -ir LocalMachine -a sha1 -eku 1.3.6.1.5.5.7.3.1
Just replace mysubdomain.mydomain.com in the last string with your domain
name.

After you create this certificate, please follow the instructions on these
pages -
http://www.mailenable.com/kb/Content/Ar ... D=me020479
http://www.mailenable.com/documentation ... ption.html
Don't forget to restart the services after that.

Now it almost works, but some programs like The Bat! report
problems finding the root of the certificate's issuer.

step 4. (optional) Add the root certificate to the mail program.
Since it's a self-issued certificate, the mail program can't find the trusted
certificate of the issuer, so you need to add it manually.

Open certificates (you can do this before)
Reminder -
From the Start menu or a command prompt, type mmc.exe. In the management console
that appears, select the File->Add/Remove Snap-in menu and add the Certificates snap-in for the Local Computer account.

Open the path in the tree -
Certificates - Trusted Root Certification Authorities - Certificates
and find your own company (by default - My Company Development Root CA).
Right click - All Tasks - Export...
No,
DER .cert
and transfer the resulting file to the client PC.
All you have to do is add this certificate to the trusted root.
In The Bat! open the Address book. On the left side select "Trusted
Root CA", then in the menu select File - Import from - x.509 ...

That's all. Have a nice day. God save Ukraine!

-
Denys Nazarenko
Developer of a unique start menu solution
www.startmenux.com
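An added example, not part of the original post: a Python parser for the `netstat -a -b` output from step 1 that confirms ports 465 and 995 are held by the MailEnable executables shown in the post and flags a port that is not listening or is owned by another program. The function names are this example's own, and the handling of rows with no owner line goes beyond the case the post shows.

```python
import re

# Expected listeners from the post: port -> MailEnable executable.
EXPECTED = {465: "MESMTPC.EXE", 995: "MEPOPS.EXE"}
# A TCP row in LISTENING state; the local address may be IPv4 or [IPv6].
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\b", re.I)
# netstat -b prints the owning executable in brackets on a later line.
OWNER = re.compile(r"^\s*\[(.+?)\]\s*$")

def listeners(netstat_text):
    """Map each listening TCP port to the set of executables owning it."""
    owners, pending = {}, None
    for line in netstat_text.splitlines():
        row, owner = ROW.match(line), OWNER.match(line)
        if row:
            pending = int(row.group(2))
            owners.setdefault(pending, set())
        elif owner and pending is not None:
            owners[pending].add(owner.group(1).upper())
            pending = None
        elif re.match(r"^\s*(TCP|UDP)\s", line, re.I):
            pending = None  # another connection row: stop attributing owners
    return owners

def check(netstat_text, expected=EXPECTED):
    """Return {port: status} for every expected listener."""
    found, report = listeners(netstat_text), {}
    for port, exe in expected.items():
        owners = found.get(port)
        if owners is None:
            report[port] = "not listening"   # step 2 of the post applies
        elif not owners:
            report[port] = "owner unknown"   # netstat did not name the owner
        elif owners == {exe}:
            report[port] = "ok"
        else:
            report[port] = "wrong owner: " + ", ".join(sorted(owners))
    return report

# Output copied from step 1 of the post (whitespace normalised).
SAMPLE_FROM_POST = """\
  TCP    0.0.0.0:465    WIN-KLS73RO8:0    LISTENING
 [MESMTPC.EXE]
  TCP    0.0.0.0:995    WIN-KLS73RO8:0    LISTENING
 [MEPOPS.EXE]
"""

if __name__ == "__main__":
    for port, status in check(SAMPLE_FROM_POST).items():
        print(port, status)
```

Save the output of `netstat -a -b` to a file and pass its text to `check()` to run it against a real server.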