DISCLAIMER
THE INSTRUCTIONS AND SOFTWARE ARE PROVIDED 'AS IS' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Introduction:

VisNetic MailServer allows you to use your own SSL certificates. Basically you have two options:

• Create your own self-signed certificate: No addition costs but your users will see a warning message unless they install your own root certificate.
• Get a signed SSL certificate from a Certificate Authority (CA): Your users will not see any warning messages but the certificate usually costs some money.

Create a self-signed certificate:

1. Run self-signed.cmd and answer the questions. "PEM pass phrase" is the password for your certificate. "Common Name (e.g., YOUR name)" is the host name of your mail server (usually mail.domain.tld).
2. Move the file cert.pem to the VisNetic MailServer installation directory.
3. Restart the services.

Your users can install the DER-encoded version of your new root the certificate by downloading and opening the file mail-server.der.crt. This will prevent them from getting the "not trusted" warning message.

Request a certificate from a CA (Certificate Authority):

1. Run request-ca.cmd and answer the questions. "PEM pass phrase" is the password for your certificate. "Common Name (e.g., YOUR name)" is the host name of your mail server (usually mail.domain.tld).
2. Send the file certificate_request.csr to the CA (Certificate Authority, e. g. VeriSign or Thawte). The CA then will sign your certificate.
3. Once you get the signed certificate from the CA, you will have to add it to the file cert.pem. Save the file you got from the CA to the directory of this utility and run this command:
   
   copy cert.pem + cert_file_from_ca.cert cert.pem
   
   
4. Move the file cert.pem to the VisNetic MailServer \config\ directory. Default location is:

   C:\Program Files\Deerfield.com\VisNetic MailServer\config\

5. Restart all services in VisNetic MailServer.

Notes:

• Pay attention to the messages. Do not use the certificate if you get any error messages.
• Use only ASCII characters.
• You can use the same certificate (file) for VisNetic MailServer and WebMail as long as they share the same host name.
• The supplied programs and scripts will only work correctly under Windows NT/2000/XP.