This article will describe you how to secure your SmarterMail Server by configuring SSL/TLS.
What is SSL Certificate?
SSL Certificate is a small data file that digitally binds a cryptographic key with an organization's details. When we install it on a web server/Mail server, it activates the padlock and https protocol which allows a secure connection from the web server to a web browser. TLS is a successor of the Secure Sockets Layer protocol (SSL).
It helps to encrypt the connection between the 2 connection points so the data is transmitted over the channel as a series of random encrypted code instead of the plain text.
Nowadays, email communication has become an important part of the business. So it is being adapted to have SSL Certificate to secure the sensitive email content from being hacked.
Before performing the following steps, make sure that you have purchased SSL Certificate for your Smartermail (Mail domain) from the SSL vendor and installed it on mail.domain.com. Please click on this link to install SSL Certificate. Make sure you set the bindings of the mail domain on which you will need to install SSL certificate.
In order to configure SmarterMail to be secure over SSL/TLS, the SSL certificate which is installed on the server must be exported to a pfx format so that it is readable by SmarterMail.
Export the SSL Certificate from the IIS
Follow these steps to export your SSL certificate to a pfx format.
- Login in your Windows VPS through administrator user.
- Click on the Start button and then click on Administrative Tools.
- Click on Internet Information Services (IIS) Manager option.
- Once you click on the IIS, you will get the following windows. Click on the hostname of your VPS under connection.
- Click on the Server Certificate option under IIS.
- By clicking on the Server Certificate option you will be able to see the certificates which you have installed on your server.
- Select the certificate which you want to export and click on the export option.
- Enter the correct data in the field and click on the OK button.
Export to: Browse the path where you want to store the SSL Certificate. Generally, it can be "C:\SmarterMail\Certificate\(Name the certificate)".
Note: You have to create the folder "Certificate" under the SmarterMail folder(C:\SmarterMail\)
Password: Set a strong password for the SSL Certificate. Please remember this password because it will be used while installing SSL Certificate on Mail domain.
Confirm Password: Enter the same password which you have entered above.
- After clicking on the OK button, ensure that the SSL Certificate exists on the following path C:\SmarterMail\Certificate.
Add Ports to listen over SSL/TLS
Follow are the steps to add a port to listen over SSL/TLS.
- Login into SmarterMail as the system administrator (admin user).
- Go to the Setting icon.
- Click on Bindings option.
- Once you click on the bindings option, you will see two options IP addresses and Ports. Click on the ports -> New button.
- By clicking on the New button, you will get the following windows. Complete the required field and click on the save button.
Certificate path: Enter the path where you have stored/saved the SSL Certificate. Generally it will be C:\SmarterMail\Certificate\(certificate name).pfx
Password: Enter the password which you have set during the export process.
IP address: Select the IP address of your Mail server which you use to send an email.
Note: Just like we have added SMTP port, you have to add POP3 and IMAP ports to be encrypted with SSL or TLS. You can select POP3 and IMAP from the protocol option.
- Once you add all the ports then restart the SmarterMail service from VPS (Start button -> Administrative Tools -> Services -> SmarterMail service).