This tutorial is about generating a SSL certificate to secure POP3 and IMAP communications between clients (MUA) and Qmail server (MTA).
1. Go to Qmail config directory :
cd /var/qmail/control
2. Generate key :
openssl genrsa -des3 -out servercert.key.enc 2048
3. Decrypt the key (get rid of the passphrase) :
openssl rsa -in servercert.key.enc -out servercert.key
4. Generate a certificate request (well known as CSR) :
openssl req -new -key servercert.key -out servercert.csr
5. Submit your CSR to your certificate provider (CA) or generate a self-signed certificate :
openssl req -x509 -key servercert.key -in servercert.csr > servercert.crt
6. Create a PEM certificate (either with your certificate provided by your CA or your self-signed certificate) :
cat servercert.key servercert.crt > /var/qmail/control/servercert.pem
7. Restart Qmail :
qmailctl restart