1. Abstract: Create Certificate
    1. Generate key
    2. Generate signing request
    3. Sign the key
    4. Create server certificate
    5. Set permission
    6. Set owner
    7. Copy into place
    8. Restart services

  2. Application: Self-Signed Certificate
    1. # openssl genrsa -out x.key 2048
    2. # openssl req -new -key x.key -out x.csr
    3. # openssl x509 -req -days 3650 -in x.csr -signkey x.key -out x.crt
    4. # cat x.crt x.key > servercrt.pem
    5. # chmod 644 servercert.pem
    6. # chown root:qmail servercert.pem
    7. # cp -p servercert.pem /var/qmail/control

  3. Application: Godaddy Signed Certificate
    1. # openssl genrsa -out x.key 2048
    2. # openssl req -new -key x.key -out x.csr
    3. Submit signing request (x.csr) to Godaddy; Later download signed key (crt and crt bundle)
    4. # cat x.key 7531fdb8504afe19.crt gd_bundle-g2-g1.crt > servercert.pem
    5. # chmod 644 servercert.pem
    6. # chown root:qmail servercert.pem
    7. # cp -p servercert.pem /var/qmail/control