How to create a self-signed SSL certificate for Dovecot on Debian

Here is how you create a self-signed SSL certificate for the Dovecot IMAP/POP server on Debian Linux:

openssl req -new -x509 -days 1000 -nodes -out "/etc/ssl/certs/dovecot.pem" -keyout "/etc/ssl/private/dovecot.pem"

The default is 365 days, but I upped it to 1000, so I don’t have to do this so often.

Dovecot does this on installation via /var/lib/dpkg/info/dovecot-common.postinst; you can force this script to re-run by issuing these two commands:
find /etc/ssl -name dovecot.* -exec rm {} \;
dpkg-reconfigure dovecot-common

Join the Conversation

3 Comments

Leave a comment

Your email address will not be published.