How to generate self-signed ssl cert for EL5
============================================
by Thomas Chung <tchung@openwebmail.org>
on 2008.02.15

References:
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/s2-secureserver-generatingkey.html
http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s2-secureserver-generatingkey.html

# cd /etc/httpd/conf/
# rm -rf ssl.key
# yum install crypto-utils
# genkey --days 365 --test openwebmail.org
 (replace with your hostname)
 (for 5 year, --days 1825)
 (--test omit the slow process of generating random data)

Keypair generation
[Next]

Choose key size
1024
[Next]

Generate CSR
[No]

Enter details for your certificate
Country Name: US
State or Provice name: California
Locality Name: Pasadena
Organization Name: Open Webmail Project
Organization Unit Name: Thomas Chung <tchung@openwebmail.org>
Common Name: openwebmail.org (replace with your hostname)
[Next]

[ ] Encrypt the private key
(do not encrypt. otherwise, it will require password eveytime httpd restared)
[Next]

Edit /etc/httpd/conf.d/ssl.conf to change the SSLCertificateFile and SSLCertificateKey lines to be.
(replace with your hostname)

SSLCertificateFile /etc/pki/tls/certs/openwebmail.org.cert
SSLCertificateKeyFile /etc/pki/tls/private/openwebmail.org.key

# service httpd restart
 
Done!

Check https://openwebmail.org