Acquire/Create Certificates

To start collect the certificates, keys and DH and other items necessary to create the PEM file.

Make Self Signed Certificate

Many installations come with the mkimpadcert tool which creates a single imapd.pem file. This contains both the Private Key, Certificate and Diffe-Helman data.

Get Outlook to Trust

Outlook and Outlook Express may not trust the certificate that is being used. This can be resolved through the following steps.

  1. Using Internet Explorier visit https://mail.domain.com:993/
  2. A Certificate Warning dialog should pop-up
  3. Choose the View Certificate option
  4. ....
  5. A window will pop up. Select "View Certificate". Then select "Install Certificate". The Certificate Import Wizard will come up. Click "Next". Select "Place all certificates in the following store". Click "Browse" and select "Trusted Root Certificate Authorities". Click "OK". Click "Next" Click "Finish". You will be prompted with the certificate info. Select "Yes". Import successful. Click OK twice. Now click "Yes" at the Security Alert window that originally came up. You'll see some stuff in Explorer. Even though it says "-ERR Protocol Error" it still got installed. You can view it by going to Tools-->Internet Options-->Content Tab. Select the Certificates button and then drop down the menu to find the TRusted Root Authorities. You shoud see your cert.