NikaMail uses Java Key Store format in order to keep SSL certificates.
The same certificate is used by StartTLS (Mireka) and WebUI to provide https.
The default keystore is included in the
config directory but we recommend to replace it with your own.
Generating a self-signed certificate
If you don’t need to provide public services creating a self-signed cerificate is pretty enough.
You need a Java SE to be able to generate keystores with
Copy following command to commnd line and press enter, then replace
keystore.jks with generated file.
keytool -genkey -keyalg RSA -alias servercert -dname "CN=1, OU=2, O=2, L=4, S=5, C=GB" -keystore keystore.jks -storepass password -keypass password -validity 1440 -keysize 2048 -noprompt
Importing authority signed certificate
There are several ways to generate a keystore from authority signed certificate. The fastest is to use Keystore Explorer. The orthodox way is to use openssl and keytool to convert PEM keys to JKS format