My SSL certificate for my mail server had been expired for a few weeks now. When I finally got a round to installing a new one, I discovered the script I used to use to generate them missing. Instead I had to call OpenSSL directly. Luckily, the line wasn’t too hard to find.
After filling in the requisite fields in the configuration file — The most important being the “CN” field, which should contain the FQDN of the mail server.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
Then generate the certificate itself with this incantation:
1 2 3
Got rid of the annoying “This servers certificate is exipired” messages in my MUA anyway.