3. Configuration

To configure the S/MIME-plugin, please edit the following file:

/etc/kopano/webapp/config-smime.php

This file contain multiple configuration options.

3.1. PLUGIN_SMIME_USER_DEFAULT_ENABLE_SMIME

This option allows you to enable or disable the plugin by default for a user.

3.2. PLUGIN_SMIME_CACERTS

This option specifies which path’s the OpenSSL library should check for CA Certificates, usually this is /etc/ssl/certs.

Note

Using /etc/ssl/certs (or your default, central distribution SSL certifices) path is recommended.

3.3. PLUGIN_SMIME_CIPHER

This option defines which cipher OpenSSL uses to encrypt an S/MIME message, for PHP < 5.4 the greatest cipher option is 3DES, PHP >= 5.4 has added AES ciphers with a key length of up to 256 bit.

A list of supported ciphers are available at php.net: http://php.net/manual/en/openssl.ciphers.php

Note

For security reasons, Using the strongest cipher available is recommended.

3.4. PLUGIN_SMIME_ENABLE_OCSP

This option either enables or disables the OCSP validation of public certificates. OCSP is an Internet protocol used for obtaining the revocation status of an digital certificate.

3.5. PLUGIN_SMIME_PASSPHRASE_REMEMBER_BROWSER

With this option enabled the browser will offer to save passphrases used in s/mime signing functionality. This functionality is disabled by default.