<< Click here to display Table of Contents >> Navigation: Security Menu > Security Settings > SSL & TLS:

MDaemon

Contents

Enable SSL, STARTTLS, and STLS

Click this check box to activate support for the SSL/TLS protocol and the STARTTLS and STLS extensions. Then, choose the certificate that you want to use from the list below.

Enable the dedicated SSL ports for SMTP, IMAP, POP3 servers

Click this option if you want to make available the dedicated SSL ports specified on Ports under Default Domains & Servers. This will not affect clients using STARTTLS and STLS on the default mail ports — it merely provides an additional level of support for SSL.

SMTP server sends mail using STARTTLS when possible

Click this option if you want MDaemon to attempt to use the STARTTLS extension for every SMTP message it sends. If a server to which MDaemon is connecting doesn't support STARTTLS then the message will be delivered normally without using SSL. Use the White List in this section if you wish to prevent the use of STARTTLS for certain domains.

SMTP server requires SSL on MSA port

Enable this option if you wish to require SSL for connections to the server made on the MSA port.

DomainPOP/MultiPOP servers use STLS whenever possible

Check this box if you want the DomainPOP and MultiPOP servers to use the STLS extension whenever possible.

Select certificate to use for HTTPS/SSL

This box displays your SSL certificates. Click a certificate to designate it as the one MDaemon will use. Double-click a certificate to open it in the Certificate dialog for review.

MDaemon does not support different certificates for multiple domains. All mail domains must share a single certificate. If you have more than one domain then enter those domain names under the option, Alternative host names (separate multiple entries with a comma) outlined below.

Delete

Select a certificate in the list and then click this button to delete it. A confirmation box will open and ask you if you are sure that you want to delete the certificate.

Create Certificate

Click this button to open the Create SSL Certificate dialog.

Host name

When creating a certificate, enter the host name to which your users will connect (for example, "mail.example.com").

Organization/company name

Enter the organization or company that "owns" the certificate here.

Alternative host names (separate multiple entries with a comma)

MDaemon does not support separate certificates for multiple domains — all domains must share a single certificate. If there are alternative host names to which users may be connecting and you want this certificate to apply to those names as well, then enter those domain names here separated by commas. Wildcards are permitted, so "*.example.com" would apply to all sub domains of example.com (for example, "wc.example.com", " mail.example.com", and so on).

Encryption key length

Choose the desired bit-length of the encryption key for this certificate. The longer the encryption key the more secure the transferred data will be. Note, however, that not all applications support key lengths longer than 512.

Country/region

Choose the country or region in which your server resides.

Hash algorithm

Choose the hash algorithm that you wish to use: SHA1 or SHA2. The default setting is SHA2.

Restart servers

Click to restart the SMTP/IMAP/POP servers. The servers must be restarted when a certificate changes.

See:

SSL & TLS

Creating and Using SSL Certificates