Here is a very quick patch to allow iRedMail to generate self-signed SSL keys using SHA-2 (sha256), which is a requirement for keys that expire after 2016 (Reference: https://support.godaddy.com/help/articl … h-function ):
--- org/generate_ssl_keys.sh 2015-01-09 15:29:29.000000000 -0500
+++ new/generate_ssl_keys.sh 2015-01-09 15:30:02.000000000 -0500
@@ -69,7 +69,7 @@
mkdir -p {certs,private} 2>/dev/null
openssl req \
- -x509 -nodes -days 3650 -newkey rsa:2048 \
+ -x509 -nodes -days 3650 -newkey rsa:2048 -sha256 \
-subj "/C=${TLS_COUNTRY}/ST=${TLS_STATE}/L=${TLS_CITY}/O=${TLS_COMPANY}/OU=${TLS_DEPARTMENT}/CN=${TLS_HOSTNAME}/emailAddress=${TLS_ADMIN}/" \
-out ${SSL_CERT_FILE} -keyout ${SSL_KEY_FILE} >/dev/null 2>&1If there is a better way of communicating such issues, please let me know.
Tim Massey