On Tue, Jun 13, 2006 09:43:46 AM -0700, Paul Heinlein (heinlein at madboa.com) wrote: > On your IMAP server, check out your certificate's thoughts about > itself: > > openssl x509 -noout -subject -in /path/to/cert.pem > > I'm guessing that it'll report its common name (CN) as > "localhost.domain." I had realized the same thing a few minutes ago. :-( Silly me... Right now I am rebuilding a new certificate on the server, byt I am setting my.vps.fqdn.name in openssl.cnf as CommonName_default and running the provided CA Perl Script. This would have the same effect as your command line option below, wouldn't it? > You'll probably want to build a new cert, specifying the CN as the > public hostname of your IMAP server, e.g., > > openssl req \ > -x509 -nodes -days 365 \ > -subj '/C=IT/L=Roma/CN=my.vps.fqdn.name' \ > -newkey rsa:1024 -keyout mycert.pem -out mycert.pem Thanks, Marco -- Marco Fioretti mfioretti, at the server mclink.it Fedora Core 3 for low memory http://www.rule-project.org/ Human beings act intelligently only after they have exhausted the alternatives -- Abba Eban