Kolab Groupware

My internal mail server is Kolab. Right now I work on getting all the communication encrypted with TLS. I'll describe what I did. I hope to get an encrypted kolab setup that can be a tenplate for new installations and is easy to use like https://bettercrypto.org.

Encryption for the 389-ds

Kolab uses the 389-directory server. Here you'll find the documentation to enable TLS. My installation is on a single node, and I use the name kolab3.example.org.

I'm using a local CA, the certificate is stored in /etc/ssl/certs/rootCA-example.org.crt. The host certificate is /etc/ssl/certs/kolab3.jochen.org.crt and the host key is /etc/ssl/certs/kolab3.jochen.org.key. We'll use these files throughout the document.