Recreating SSL Certificates


My SSL certs, used for secure POP3 email retrieval and https access to SquirrelMail, both expired on the same day, one year after they'd been generated. On my FC1 box, Dovecot was NOT being used although it was installed. Rather, the IMAPD package included pop3s which was launched via xinetd. When the certs expired, I could still access both services, but each time I'd get a message saying the cert from the server had expired, which got annoying after a while.

To create a new cert for POP3s, see the Red Hat 9 Manual. Scroll about halfway down and you'll see the relevant 'make ipop3d.pem' command.

For Apache, see http://www.rpatrick.com/tech/makecert/ for a quick list of steps on how to generate a new key & cert and where to put them.

02/07/2006

Update 5/27/07

See the Dovecot section at the bottom of this CentOS page for instuctions on generating the SSL certs for use with dovecot and its IMAP and POP3 services. This should be used instead of the pointer above to the Red Hat document.