On Tue, Jun 13, 2006 09:43:46 AM -0700, Paul Heinlein (heinlein@madboa.com) wrote:
On your IMAP server, check out your certificate's thoughts about itself:
openssl x509 -noout -subject -in /path/to/cert.pem
I'm guessing that it'll report its common name (CN) as "localhost.domain."
I had realized the same thing a few minutes ago. :-( Silly me...
Right now I am rebuilding a new certificate on the server, byt I am setting my.vps.fqdn.name in openssl.cnf as CommonName_default and running the provided CA Perl Script. This would have the same effect as your command line option below, wouldn't it?
You'll probably want to build a new cert, specifying the CN as the public hostname of your IMAP server, e.g.,
openssl req \ -x509 -nodes -days 365 \ -subj '/C=IT/L=Roma/CN=my.vps.fqdn.name' \ -newkey rsa:1024 -keyout mycert.pem -out mycert.pem
Thanks, Marco