Hi all,
I've used Dovecot since February 2012, but because I kept reinstalling Linux with every major version, I never had a Dovecot self-signed certificate go bad on me before. Til now.
I started using rolling release Void Linux about a year ago, and my Dovecot self-signed certificate just expired.
The solution I used is contained in these documents:
http://wiki2.dovecot.org/SSL/CertificateCreation
http://wiki2.dovecot.org/SSL/CertificateClientImporting
file:///etc/ssl/dovecot-openssl.cnf
http://www.faqforge.com/linux/renew-the-dovecot-ssl-certificate-on-ubuntu-li...
I basically moved my old /etc/ssl/certs/dovecot.pem and /etc/ssl/private/dovecot.pem, then edited /etc/ssl/dovecot-openssl.cnf specifically to give myself the common name of 192.168.100.2. I had earlier used my hostname, but that produced a conflict, so I just used the ip address.
Then I ran dovecot-mkcert.sh to create the new self-signed cert, and finally, configured Claws-Mail to use /etc/ssl/certs/dovecot.pem as its cert. Obviously, if my Claws-Mail were on a different machine than my Dovecot, I would have had Claws-Mail point to a local copy.
Alpine still gives me a bad cert warning, saying I should either fix it or disable checking. I haven't yet found a way to get Alpine to discriminate between a valid self-signed cert and a bad one.
Anyway, all's good.
SteveT
Steve Litt November 2016 featured book: Quit Joblessness: Start Your Own Business http://www.troubleshooters.com/startbiz