How to request or renew the courier-imapd ssl certificate:
For renewal, only the last two statement to create the imapd.pem file are needed.
openssl genrsa -out $CN.key 1024
openssl req -new -key $CN.key -config /etc/courier-imap/imapd.cnf -out $CN.csr
# Make sure that imapd.cnf contains the correct information. Leave out
# the -config option to enter the certificate data by hand.
# Send the $CN.csr file to your Certificate Authority (for instance www.cacert.org)
# and paste the resulting certificate in $CN.crt. Don't forget to import the root-
# certificate in your browser/email client if you get a security warning.
cat $CN.key $CN.crt > imapd.pem
# The file name and location where imapd-ssl expects to find the certificate
# can be found in the file: /etc/courier-imap/imapd-ssl, variable: TLS_CERTFILE
openssl gendh >> imapd.pem
Restart courier-imapd to activate the change. Test your certificate by pointing your browser to: https://mail.example.com:993 and check on the certificate.
Thanks go to Courier SSL