Re: courier certificate regeneration.
On Tue, 05 Oct 2010 00:26:24 +0700, Sthu Deus wrote:
>> BTW, what is the exact error message you are getting? Did you create
>> the new certificate with updated data?
>
> My mailer says that current certificate is expired - it gives me the
> finger prints and other certificate information as to: who signed, when,
> etc.
Okay. But having the log file would help a lot :-)
> Sorry, I didn't understand You last phrase: which updated data? - What I
> did is this:
>
> /bin/rm -f /etc/courier/pop3d.pem
>
> /usr/sbin/mkpop3dcert
>
> /etc/init.d/courier-pop-ssl restart
>
> Then I saw ne certificate at the mailer, day(s) latter - old is here
> again!
I dunno for home-made SSL certificates but real ones needs you first
input the correct data from a provided template. When it's time to renew
the certificate, the Certificate Authority it auto-updates the expiration
date and sends you the new *.crt file with the updated data.
So, how does you "/etc/courier/pop3d.cnf" looks like?
By reading the man page:
http://www.courier-mta.org/mkpop3dcert.html
It's like the certificate generation is feeding from that file :-?
Also, check if you already have a "/usr/lib/courier/share/pop3d.pem"
file.
Greetings,
--
Camaleón
Reply to: