On 3/14/19 11:46 AM, mick crane via dovecot wrote:
Excuse dopey question. I'm not exactly clear about certificates. Apache2 default install has this snake oil certificate Can make a new one for apache Can make one for dovecot Can make one for ssl Is there supposed to be the one (self signed ) certificate pair in one place for the machine that each process hands out ? Can they be moved to another machine ?
mick
Not a dovecot specific question, but I use the same certificate for apache, dovecot and postfix, for my domain name, on any number of machines, except they must all have the same hostname (they don't all have the same name at the same time).
I see no difference between a self-signed certificate and a broken certificate. In both cases you have warnings in the browser/mail client. In both cases you need to hit the "accept anyway" button.
Yassine.