Getting started
What’s New
Roadmap
Octeth Training Program
Installation & Setup
Requirements
Architecture
Server Setup
Oempro Installation
Community Edition Install
SSL Certificates
Version Upgrade
Troubleshooting
Administration
Quick Walkthrough
Security
Sub Admin Accounts
Settings
Delivery Servers
Global Segments
Global Custom Fields
Bounce Processing
Spam Complaints
Suppression List
Plug-Ins
Delivery Report
User Management
Maintenance
Audience Management
Introduction
Subscriber Lists
Custom Fields
Segments
Subscribers
Webhooks
Website Event Tracking
Email Marketing
Introduction
Auto Responders
Email Campaigns
Sender Domain Man.
Journeys (Automation)
Bounce Processing
Email Personalization
FBL Processing
Email Builder Integrations
Email Deliverability
Sender Domain Management
Plug-Ins & Add-Ons
AI Plug-In
Bounce Catcher Add-On
Link Proxy Add-On
Developers
Introduction
Single Sign On
API
Plug-In Development
Database
Integrations
IPMonitor
Installation
Advanced
Reverse Proxy
Cookbook
Help
Troubleshooting
Contact Us
How to activate TLS for Octeth Email Gateway Inbound SMTP Server
Octeth has a powerful, high-performance inbound SMTP server for the Email Gateway feature. This SMTP server accepts TLS connections as well. In order to activate TLS with a properly setup SSL certificate, follow these steps.
First, initiate your SSL certificate using Let’s Encrypt or other SSL certificate providers.
- SSH into the
oempro-appcontainer: - Edit
/var/www/html/_dockerfiles/inbound-smtp-server/server.keyand set the file content to the private key of the new SSL certificate. - Edit
/var/www/html/_dockerfiles/inbound-smtp-server/server.crtand paste the new (1) SSL certificate first, then (2) paste the CA bundle of the SSL certificate. - Edit
/var/www/html/_dockerfiles/inbound-smtp-server/config.jsonand paste these two file paths toCertificateandPrivateKeyparameters. Paths must be relative. Here’s an example: - Rebuild and re-delpoy the inbound SMTP server:
- Test the TLS connection:
cd /opt/oempro/
docker exec -ti oempro_app bash{
"Debug": false,
"Listen": [
":25"
],
"AppName": "Oempro SMTP Server",
"Hostname": "test.local",
"AdminAPIKey": "3b3c98-****-****-****-d3bb6b",
"EmailMaxSizeKB": 100,
"SMTPTimeout": 15,
"Certificate": "./server.crt",
"PrivateKey": "./server.key",
"MaxConnectionLimit": 1500,
"LogFiles": {
"Connections": "./log_connections.log",
"Authentications": "./log_authentications.log"
},
"OemproAPIUrl": "http://192.168.99.101/api.php"
}cd /opt/oempro/
docker-compose build oempro_emailgateway_inbound_smtp
docker-compose kill oempro_emailgateway_inbound_smtp
docker-compose up -d oempro_emailgateway_inbound_smtpopenssl s_client -quiet -starttls smtp -connect your.smtp-server.com:25 # (or 587)
depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = AlphaSSL CA - SHA256 - G2
verify return:1
depth=0 CN = *.sendlayer.net
verify return:1
250 ENHANCEDSTATUSCODES
ehlo local
250-smtp.sendlayer.net greets local
250-SIZE 307200
250-AUTH LOGIN PLAIN
250 ENHANCEDSTATUSCODES
quit
221 2.0.0 your.smtp-server.com Octeth SMTP Server v1.2 ESMTP Service closing transmission channel
read:errno=0IMPORTANT:
server.crt file must contain the certificate first and then the CA bundle. server.key file must contain the private key only.The server.crt file structure:
-----BEGIN CERTIFICATE-----
...
****************************************************************
****************************************************************
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
****************************************************************
****************************************************************
...
-----END CERTIFICATE-----The server.key file structure:
-----BEGIN PRIVATE KEY-----
...
****************************************************************
****************************************************************
...
-----END PRIVATE KEY-----
©Copyright Octeth, Inc. All rights reserved.