- 论坛徽章:
- 0
|
原帖由 wlacf 于 2009-10-10 13:27 发表 ![]()
出错如下:
libtool: link: gcc -I./.. -I.. -Wall -g -O2 -o couriertls starttls.o argparse.o -L/usr/local/courier-authlib/lib/courier-authlib ./.libs/libcouriertls.a -lssl -lcrypto ./.libs/libspi ... IMAP over SSL
To add SSL support you have to install OpenSSL or GnuTLS before installing Courier-IMAP. Download OpenSSL from http://www.openssl.org/, or GnuTLS from http://www.gnutls.org.
OpenSSL's support is well-tested, the GnuTLS version is a relatively new addition, and is considered experimental. Follow OpenSSL's or GnuTLS's installation instructions, then build Courier-IMAP.
NOTE: Most systems already have an available OpenSSL or GnuTLS package. Do not build OpenSSL or GnuTLS yourself, if a prebuilt package is already available. Just install the prebuilt package.
NOTE: The development libraries must be installed in addition to the runtime package, in order to build Courier-IMAP. On most systems, the development files (header files, libraries, etc...) are provided in a separate "devel" package. The base OpenSSL/GnuTLS package is not sufficient to build Courier-IMAP, the development libraries must be installed.
The OpenSSL library is selected when both OpenSSL and GnuTLS libraries are found by the configure script. Use the --with-gnutls option to explicitly select the GnuTLS library over OpenSSL.
The /usr/lib/courier-imap/etc/imapd-ssl configuration file sets some additional options for SSL support, which you may need to adjust. Consult that configuration file for additional information. Then, you also have to run the /usr/lib/courier-imap/libexec/imapd-ssl.rc script from your system startup and shutdown scripts, just like the /usr/lib/courier-imap/libexec/imapd.rc script. You may accept both SSL and non-SSL connections by running both scripts.
Note that SSL requires a valid, signed, X.509 certificate to be installed where Courier-IMAP expects to find it. The default location for the X.509 certificate, in PEM format, is /usr/lib/courier-imap/share/imapd.pem. The X.509 certificate must be signed by a certificate authority that is known to the IMAP client. You can generate your own self-signed certificate by running the script /usr/lib/courier-imap/share/mkimapdcert which will work too, except that IMAP clients using SSL will display a warning message the first time they connect to the server. To get rid of the warning message you'll have to pay for a signed X.509 certificate. The gory details of setting up SSL is beyond the scope of this document, and you should consult the OpenSSL documentation for more information.
The mkimapdcert script will not overwrite an existing imapd.pem certificate, in order to allow precompiled packages to simply call mkimapdcert after installation, without worry.
http://www.courier-mta.org/imap/INSTALL.html |
|