Greg Bailey wrote:
I'm really just asking if I cannot just use what I take to be the standard openssl certificate and key in /etc/pki/tls/ Do I really have to create up a special cert for dovecot?
There's not really a "standard" SSL certificate. Perhaps you're referring to a "default" certificate used by the webserver?
No. I should have said "standard locate". I think both Fedora and CentOS create the folders /etc/pki/tls/{certs,private}, so I assume this means that certs and keys should be store there.
What I typically do is get a real, but free, SSL certificate from some place like StartSSL (www.startssl.com), and then copy the key and certificate to the location that's specified for use by dovecot.
My question exactly - is there any reason why one should not do that? Or even more simply, give the locations /etc/pki/tls/{certs,private} in /etc/dovecot/conf.d/10-ssl.conf ?