Regenerating Courier SSL Certificates on Ubuntu Linux
December 14, 2007
Waking up groggily as usual, I booted up Thunderbird to go through all the mail that had accumulated over the night and found a new dialog gracing me. Apparently, as it was telling me, the auto-generated SSL cert had expired. Oh well, all that I needed to do was track down how to regenerate it and go about my business. Well, this actually ended up being a little bit more troublesome than usual - so I decided to record it here as a is the usual case when I come into issues (because I know that five years from now I'll have the same issue and will have forgotten this).
Anyway, it's as simple as backing up the existing certificate:
Then generating a new one to move into place:
This will generate the necessary certificate in whatever directory you're in. You could run it as root directly in the courier configuration directory, but we don't do that since we value our configuration files too much. Go ahead and move it into place:
Now that that's in place just restart the courier-imap-ssl service and you should be good to go!
Tada! Now you've got a brand new SSL certificate. I suppose that you could play with expiring the cert sooner or later by modifying the -days parameter. 365 is probably too high for any amount of auto-expiring security to take effect but I'm not amazingly concerned since I use it more for encryption than server identify verification. Enjoy your fresh new certificate now!
Thanks to Ivar Abrahamsen who's Mail Server Setup Howto led me to the generation command.
Permalink |
Add to delicious |
0 Comments
| Tagged: Ubuntu, SystemsAdministration, Linux
