Steps:
 1) Generate key
 2) Generate signing request
 3) Sign the key
 4) Create server certificate
 5) Set permission
 6) Set owner
 7) Copy into place


 Self-Signed Certificate

 # openssl genrsa -out x.key 2048
 # openssl req -new -key x.key -out x.csr
 # openssl x509 -req -days 3650 -in x.csr -signkey x.key -out x.crt
 # cat x.crt x.key > servercrt.pem
 # chmod 644 servercert.pem
 # chown root:qmail servercert.pem
 # cp -p servercert.pem /var/qmail/control


 Godaddy Signed Certificate

 # openssl genrsa -out x.key 2048
 # openssl req -new -key x.key -out x.csr
 # --- Submit x.csr to Godaddy ---- #
 # --- Download returned crt and crt bundle --- #
 # cat x.key 7531fdb8504afe19.crt gd_bundle-g2-g1.crt > servercert.pem
 # chmod 644 servercert.pem
 # chown root:qmail servercert.pem
 # cp -p servercert.pem /var/qmail/control


 Restart Qmail and Dovecot

 qmailctl stop
 qmailctl start
 systemctl restart dovecot