STARTTLS cannot be enforced. It will be used automatically if the mail server supports it. The encryption type should be kaş to ‘None/STARTTLS’ in this case. See here for an example on how to configure self signed certificates. The native SAML integration negates the need for external software like Apache http://uznew.uz/user/stewdragon59/