Date: 2007dec14 Product: dovecot Q. How to I enable SSL/TLS with Dovecot (the POP3 and IMAP server)? A. With RedHat/Fedora/CentOS its fairly easy. Self-signed certificates are already made for you. So just uncomment the following lines in /etc/dovecot.conf

# Disable SSL/TLS support? ssl_disable = no # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem ssl_key_file = /etc/pki/dovecot/private/dovecot.pem

Optionally, if you don't want to let anybody login without SSL or TLS do this:

disable_plaintext_auth = yes

Finally, restart dovecot:

systemctl restart dovecot

Don't forget to test with a mail client like Thunderbird.