How to create a self-signed SSL certificate for Dovecot on Debian

Posted on August 1, 2008 by paulschreiber in public service announcement, tech.

Here is how you create a self-signed SSL certificate for the Dovecot IMAP/POP server on Debian Linux:

openssl req -new -x509 -days 1000 -nodes -out "/etc/ssl/certs/dovecot.pem" -keyout "/etc/ssl/private/dovecot.pem"

The default is 365 days, but I upped it to 1000, so I don’t have to do this so often.

Dovecot does this on installation via /var/lib/dpkg/info/dovecot-common.postinst; you can force this script to re-run by issuing these two commands:
find /etc/ssl -name dovecot.* -exec rm {} \;
dpkg-reconfigure dovecot-common

One Response to How to create a self-signed SSL certificate for Dovecot on Debian

  1. tim says:
    April 17, 2011 at 4:17 am

    thanks, this was very helpful!

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>