How I got my StartSSL certificates to work with Thunderbird

Short version

(During a brief period where I used StartSSL for my SSL certs…)

Had a problem with my mail server.  Thunderbird was not accepting the Class 1 cert I got from StartCom.  To fix it, I added lines to /etc/dovecot.conf and /etc/postfix/main.cf.  Assume the intermediate CA cert is named “sub.class1.server.ca.pem“.

For dovecot, in /etc/dovecot.conf:

ssl_ca_file = /path/to/certs/sub.class1.server.ca.pem

For postfix, in /etc/postfix/main.cf:

smtpd_tls_CAfile = /path/to/certs/sub.class1.server.ca.pem

Then I restarted both services.

You may also like...