Working With Certificates
Secure Sockets Layer (SSL) is a protocol designed to enable applications to transmit information back and forth securely. Applications that use SSL, exchange encryption keys with other applications, and are designed to encrypt and decrypt data sent between the two.
Applications that are configured to run SSL (for example, web browsers like Microsoft® Internet Explorer and Firefox and email programs like Microsoft Outlook®, Mozilla Thunderbird and Apple Mail) are automatically able to receive SSL connections. To establish a secure SSL connection, the application must first have an encryption key assigned to it by a Certification Authority in the form of a Certificate.
IMAPInternet Message Access Protocol supports encryption via certificates. Certificates can be:
- Purchased from an online vendor such as Verisign
- Generated from IIS® (refer to KB article http://go.gfi.com/?pageid=mar_createcertificate)
To enable SSL and configure a security certificate:
1. In the IMAP Server configuration wizard, select Enable SSL checkbox.
2. In the SSL Certificate field, select the certificate to upload.
3. In the SSL Certificate Password field, type the certificate password. This will be validated when you click save.
4. (Optional) Select Force SSL certificate checkbox to force encryption of transmitted data.
IMPORTANT
When Force SSL certificate is enabled, encryption is ‘forced’, meaning that clients using the IMAP service will not be able to connect unless they configure encryption from their side. If Force SSL certificate is not enabled, the clients can connect to the IMAP server both in encrypted and unencrypted mode.
5. Click Save.