• Create a key file:

openssl genrsa -out key.pem 2048

• Create a certificate request. You will be asked to give information which will be included in the certificate.
  

openssl req -new -key key.pem -out request.pem

• Create a self-signed certificate that is valid for a year:

openssl req -x509 -days 365 -key key.pem -in request.pem -out certificate.pem

• Concatenate the key and certificate into a single file:

cat key.pem certificate.pem >apache.pem

• Copy the new file to the location where apache-ssl looks for the certificate. For example:

cp apache.pem /etc/apache-ssl

• Restart apache-ssl and inetd

To renew imap certificates, update the dovecot.key file in /etc/ssl/private with key.pem and the dovecot.pem certificate in /etc/ssl/certs with apache.pem.