Update upgrade.debian.9-10.html.
This commit is contained in:
parent
a23f71c751
commit
1219871675
|
@ -17,18 +17,21 @@ Changes required to be made in Dovecot main config file `/etc/dovecot/dovecot.co
|
|||
|
||||
* Remove all `postmaster_address =`.
|
||||
* Remove parameter `ssl_protocols =`.
|
||||
* Add new parameter `ssl_min_protocols` like this:
|
||||
* Add new parameter `ssl_min_protocol` like this:
|
||||
|
||||
```
|
||||
ssl_min_protocols = TLSv1.2
|
||||
ssl_min_protocol = TLSv1.2
|
||||
```
|
||||
|
||||
Note: If your end users run old mail client applications, it may not support
|
||||
TLSv1.2, you may want to use weaker one like `TLSv1.1`, `TLSv1` instead.
|
||||
|
||||
* Add new parameter `ssl_dh` and load existing file:
|
||||
* on CentOS, it's `/etc/pki/tls/dhparams.pem`
|
||||
* on Debian/Ubuntu, FreeBSD, OpenBSD, it's `/etc/ssl/dhparams.pem`
|
||||
* on CentOS, it's `/etc/pki/tls/dh2048_param.pem`
|
||||
* on Debian/Ubuntu, FreeBSD, OpenBSD, it's `/etc/ssl/dh2048_param.pem`
|
||||
|
||||
```
|
||||
ssl_dh = </etc/ssl/dhparams.pem
|
||||
ssl_dh = </etc/ssl/dh2048_param.pem
|
||||
```
|
||||
|
||||
* If you have plugin `stats` enabled, you need to rename it:
|
||||
|
@ -44,6 +47,21 @@ Old | New
|
|||
`plugin { stats_refresh = ... }` | `plugin { old_stats_refresh = ...}`
|
||||
`plugin { stats_track_cmds = ...}` | `plugin { old_stats_track_cmds = ...}`
|
||||
|
||||
Inside `service old-status {}` block, please add new content:
|
||||
|
||||
```
|
||||
unix_listener old-stats-reader {
|
||||
user = vmail
|
||||
group = vmail
|
||||
mode = 0660
|
||||
}
|
||||
unix_listener old-stats-writer {
|
||||
user = vmail
|
||||
group = vmail
|
||||
mode = 0660
|
||||
}
|
||||
```
|
||||
|
||||
Restart Dovecot service is required.
|
||||
|
||||
## PHP
|
||||
|
|
|
@ -41,19 +41,21 @@
|
|||
<ul>
|
||||
<li>Remove all <code>postmaster_address =</code>.</li>
|
||||
<li>Remove parameter <code>ssl_protocols =</code>.</li>
|
||||
<li>Add new parameter <code>ssl_min_protocols</code> like this:</li>
|
||||
<li>Add new parameter <code>ssl_min_protocol</code> like this:</li>
|
||||
</ul>
|
||||
<pre><code>ssl_min_protocols = TLSv1.2
|
||||
<pre><code>ssl_min_protocol = TLSv1.2
|
||||
</code></pre>
|
||||
|
||||
<p>Note: If your end users run old mail client applications, it may not support
|
||||
TLSv1.2, you may want to use weaker one like <code>TLSv1.1</code>, <code>TLSv1</code> instead.</p>
|
||||
<ul>
|
||||
<li>Add new parameter <code>ssl_dh</code> and load existing file:<ul>
|
||||
<li>on CentOS, it's <code>/etc/pki/tls/dhparams.pem</code></li>
|
||||
<li>on Debian/Ubuntu, FreeBSD, OpenBSD, it's <code>/etc/ssl/dhparams.pem</code></li>
|
||||
<li>on CentOS, it's <code>/etc/pki/tls/dh2048_param.pem</code></li>
|
||||
<li>on Debian/Ubuntu, FreeBSD, OpenBSD, it's <code>/etc/ssl/dh2048_param.pem</code></li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
<pre><code>ssl_dh = </etc/ssl/dhparams.pem
|
||||
<pre><code>ssl_dh = </etc/ssl/dh2048_param.pem
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
|
@ -101,6 +103,19 @@
|
|||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<p>Inside <code>service old-status {}</code> block, please add new content:</p>
|
||||
<pre><code> unix_listener old-stats-reader {
|
||||
user = vmail
|
||||
group = vmail
|
||||
mode = 0660
|
||||
}
|
||||
unix_listener old-stats-writer {
|
||||
user = vmail
|
||||
group = vmail
|
||||
mode = 0660
|
||||
}
|
||||
</code></pre>
|
||||
|
||||
<p>Restart Dovecot service is required.</p>
|
||||
<h2 id="php">PHP</h2>
|
||||
<p>Debian 9 offers PHP-5, but Debian 10 has PHP-7.3, you need to upgrade it to 7.3 manually.</p>
|
||||
|
|
Loading…
Reference in New Issue