Make key file
#openssl genrsa -des3 -out example.com.key 2048
Generating RSA private key, 1024 bit long modulus
…………..++++++
..++++++
e is 65537 (0x10001)
Enter pass phrase for example.com.key:
Verifying – Enter pass phrase for example.com.key:
# openssl req -new -key example.com.key -out example.com.csr
Enter pass phrase for example.com.key:
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
A challenge password []:
An optional company name []:
Get CRT (GeoTrust, verisign etc)
Remove pass phrase
#openssl rsa -in example.com.key -out example.com.pem
edit /etc/postfix/main.cf
smtpd_use_tls = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_key_file = /etc/pki/tls/certs/example.com.pem
smtpd_tls_cert_file = /etc/pki/tls/certs/example.com.crt
edit /etc/dovecot.conf
ssl_disable = no
ssl_cert_file = /etc/pki/tls/certs/example.com.crt
ssl_key_file = /etc/pki/tls/certs/example.com.pem
restart postfix and dovecot