Skip to content
Tech Shizz Logo

An Engineers Blog

  • TechShizz
  • blog

Setting up SSL on hMailServer

Posted on February 23, 2021 By rich No Comments on Setting up SSL on hMailServer

1. Download and install OpenSSL. Download Here

2. Create a Key – Open an elevated CMD prompt and change directory to where you installed OpenSSL. Once here execute the OpenSSL.exe

Run: >openssl genrsa -out <host>.key 1024

Where <host> is your mail servers name.

3. Certificate Request – Next we need to create the certificate request:

>openssl req -new -nodes -key <host>.key -out <host>.csr

Where <host> is your mail servers name.

If this fails, try this. My OpenSSL was installed in C:OpenSSLOpenSSL-Win64

SET OPENSSL_CONF=c:OpenSSLOpenSSL-Win64binopenssl.cfg

4. Create a self signed certificate:

>openssl x509 -req -days 1024 -in <host>.csr -signkey <host>.key -out <host>.cert

Where <host> is your mail servers name.

 

5. Configuring hMailServer With Your New SSL Certificate

 Bring up your hMailServer administrator UI and add a SSL certificate. You’ll find the files we use here in the same folder where the OpenSSL.exe file was executed from.

 Add a SSL certificate

 Next create new TCP/IP ports which use SSL for each protocol you are interested in testing.

 Add TCP/IP ports and protocols

The port numbers for IMAP (993) POP3 (995) are the default secure ports for these two protocols. I will be disabling 110 and 143 and 25 to allow only encrypted mail. Each change will restart hMailServer.

When configuring the email account on the clients, you will get a certificate warning as the certificate is self signed. You know you can trust this because you created it. You can verify the certificate by viewing it’s details. You will see all of the information you populated when creating theecertificate in OpenSSL.

To prevent this from popping up every-time your client connects, INSTALL the certificate on your client machines.

Post navigation

❮ Previous Post: Reporting Mailbox Folder Sizes with PowerShell
Next Post: Deploying Office via Group Policy ❯

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Subscribe to our newsletter!

Recent Posts

  • How to implement a lightning-fast ransomware playbook
  • How to achieve defence in depth in your business
  • How to implement a SecOps team phishing response plan
  • How to block an Office 365 Sign-in correctly
  • Microsoft finally patched serious Exchange 0-day over a month old!

Recent Comments

    Archives

    • November 2022
    • July 2021
    • March 2021
    • February 2021

    Categories

    • Cyber Security
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    Copyright © 2023 .

    Theme: Oceanly News Dark by ScriptsTown