-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, In self signed certificates for an internal dovecot, how can I extend its validity time? Using "/usr/share/dovecot/mkcert.sh" and "dovecot-openssl.cnf". The later default config file is (I edit the file, of course): [ req ] default_bits = 2048 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type prompt = no [ req_dn ] # country (2 letter code) #C=FI # State or Province Name (full name) #ST= # Locality Name (eg. city) #L=Helsinki # Organization (eg. company) #O=Dovecot # Organizational Unit Name (eg. section) OU=IMAP server # Common Name (*.example.com is also possible) CN=imap.example.com # E-mail contact emailAddress=postmaster@example.com [ cert_type ] nsCertType = server If there is a man page for that configuration file, please point me to it ;-) The command used is, apparently: $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2 - -- Cheers Carlos E. R. (from 15.4 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCZKFpNhwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfV78gAmwR6sk45B0AkquufJYqb PLtErHCDAJwK6vo72VlBwirIgWpbAhAKf8ZsFw== =VeJf -----END PGP SIGNATURE-----