When I released my docker mail server, I wanted to create an easy way to do complicated things. So I wrote a tool to simplify the process of self-signed ssl certificates. This tool is built-in docker mail server.
How can I generate my self-signed certificate?
You just need to have
docker installed on your computer. Just type the following command line:
docker run -ti --rm -v "$(pwd)":/ssl -h mail.my-domain.com -t tvial/docker-mailserver generate-ssl-certificate
Don't forget to change
mail.my-domain.com to your real Fully Qualified Domain Name (FQDN). You will be asked some informations about your name, company, location... When asked, sign the certificate.
It will generate some files needed for your SSL configuration (postfix, nginx, apache...).
mail.my-domain.com-key.pem (private key) mail.my-domain.com-req.pem (public key) mail.my-domain.com-cert.pem (certificate) mail.my-domain.com-combined.pem (private key + certificate) demoCA/cacert.pem (certificate authority)
Now you need to configure your daemon to use this certificate and you have a fully SSL secured connection available.