fabiolagana.net

- Farsi una copia del vecchio certificato
cd /etc/ssl/certs
cp -ap pop3ss.pem pop3s.pem.scaduto
 
- Ricreazione nuovo certificato
cd /etc/ssl
openssl req -new -x509 -nodes -days 3650 -newkey rsa:1024 -keyout private/pop3s.key -out pop3s.cert
touch certs/pop3s-new.pem
chmod 600 certs/pop3s-new.pem
cat private/pop3s.key pop3s.cert > certs/pop3s-new.pem
dd if=/dev/urandom count=2 | openssl dhparam -rand - 512
pico certs/pop3s-new.pem
chown vpopmail certs/pop3s-new.pem
cd certs
mv pop3s-new.pem pop3s.pem
 
-- rollback in caso qualcosa andasse storto --
mv pop3s.pem.scaduto pop3s.pem