Diary of an IT Architect

Copypastable tutorials I wrote for my reference. You're welcome.

Once I've obtained free certificates from Let's Encrypt, preferrably with dehydrated on FreeBSD, I'm going to modify Postfix's config file so they can be used to secure SMTP traffic.

Continue reading...

Once I've obtained free certificates from Let's Encrypt, preferrably with dehydrated on FreeBSD, I'm going to modify Dovecot's config file so they can be used to secure POP and IMAP traffic.

Continue reading...

Once I've obtained free certificates from Let's Encrypt, preferrably with dehydrated on FreeBSD, I'm going to combine them into single PFX file so it can be used by Microsoft Exchange to secure IMAP, SMTP, POP and IIS services.

Continue reading...

Once I've obtained free certificates from Let's Encrypt, preferrably with dehydrated on FreeBSD, I'm going to combine them into single PEM file so it can be used by my favourite XMPP server - ejabberd - for securing both c2s (client-to-server) and s2s (server-to-server) traffic.

Continue reading...

Contrary to StartSSL’s FAQ, it is now possible for authenticated users to submit certificate requests (CSRs) for client (S/MIME) certificates. However, certificates are issued in PEM format, while most browsers and mail clients prefer PKCS#12 format. This article describes steps to create private key and corresponding certificate request, as well as how to create PKCS#12 file after obtaining signed client certificate.

Continue reading...