How to request or renew the courier-imapd ssl certificate:

For renewal, only the last two statement to create the imapd.pem file are needed.

cd /etc/ssl/private
openssl genrsa -out $CN.key 1024
openssl req -new -key $CN.key -config /etc/courier-imap/imapd.cnf -out $CN.csr
# Make sure that imapd.cnf contains the correct information. Leave out
# the -config option to enter the certificate data by hand.

# Send the $CN.csr file to your Certificate Authority (for instance
# and paste the resulting certificate in $CN.crt. Don't forget to import the root-
# certificate in your browser/email client if you get a security warning.
cat $CN.key $CN.crt > imapd.pem
# The file name and location where imapd-ssl expects to find the certificate
# can be found in the file: /etc/courier-imap/imapd-ssl, variable: TLS_CERTFILE
openssl gendh >> imapd.pem

Restart courier-imapd to activate the change. Test your certificate by pointing your browser to: and check on the certificate.

Thanks go to Courier SSL