Updated my Dovecot certificate for the first time
Steve Litt
slitt at troubleshooters.com
Wed Nov 23 06:26:45 UTC 2016
Hi all,
I've used Dovecot since February 2012, but because I kept reinstalling
Linux with every major version, I never had a Dovecot
self-signed certificate go bad on me before. Til now.
I started using rolling release Void Linux about a year ago, and my
Dovecot self-signed certificate just expired.
The solution I used is contained in these documents:
http://wiki2.dovecot.org/SSL/CertificateCreation
http://wiki2.dovecot.org/SSL/CertificateClientImporting
file:///etc/ssl/dovecot-openssl.cnf
http://www.faqforge.com/linux/renew-the-dovecot-ssl-certificate-on-ubuntu-linux/
I basically moved my old /etc/ssl/certs/dovecot.pem
and /etc/ssl/private/dovecot.pem, then
edited /etc/ssl/dovecot-openssl.cnf specifically to give myself the
common name of 192.168.100.2. I had earlier used my hostname, but that
produced a conflict, so I just used the ip address.
Then I ran dovecot-mkcert.sh to create the new self-signed cert, and
finally, configured Claws-Mail to use /etc/ssl/certs/dovecot.pem as its
cert. Obviously, if my Claws-Mail were on a different machine than my
Dovecot, I would have had Claws-Mail point to a local copy.
Alpine still gives me a bad cert warning, saying I should either fix it
or disable checking. I haven't yet found a way to get Alpine to
discriminate between a valid self-signed cert and a bad one.
Anyway, all's good.
SteveT
Steve Litt
November 2016 featured book: Quit Joblessness: Start Your Own Business
http://www.troubleshooters.com/startbiz
More information about the dovecot
mailing list