Hi all,
I'm running dovecot from ports tree on OpenBSD 3.5. I'm also using the script provided to generate a self signed cert (that is doc/mkcert.sh). After a month by the way the certificate expired and I had to recreate it again. I saw that in the script there is no explicit certificate duration specified and then on my system the cert lasted exactly 30 days. As a short term fix then I deleted the certifacte files and modified the script to recreate cert that last 365 days changing:

< $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE || exit 2
---
> $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2


A better solution would of course require that the duration should have been specified as a parameter but anyway I feel 30 days are really too short.

Regards,
Lorenzo Conti


MSN 8 with e-mail virus protection service: 2 months FREE*