Per-virtual domain certificates for IMAP/POP3 (cPanel/WHM servers only)

[thisisit3]

INTRODUCTION
------------
This is a PHP script for cPanel/WHM servers. It converts the existing virtual host certificates into courier-imap/pop3 PEM files, which makes it possible for IMAP and POP3 sessions to use per-virtual host certificates like HTTP does.


INSTALLATION
------------
First, edit the file updatecerts.php and at the top change the available configuration options. The debug option prints lots of interesting information, while the nochange option allows you to first run the script in test mode, no changes will be made to the system but the script will print what it would have done if the nochange option was set to false. Once you've verified that everything is ok and no errors were produced, change it to true and re-run the script.

Just run "php ./updatecerts.php" in the current directory as root to execute the script.

You may execute the script via a cronjob if you want (once a day should be good enough) and the script will maintain a current list of PEM files, since it removes any stale PEM files when a virtual domain has been removed via WHM.


TODO
----
Looking for a way to do this in Exim as well. If we can get Exim to load separate "tls_certificate" options per-virtual host then we've solved the problem.

[atechstl]

Are you looking for a way to provide a secure connection for email sessions with one Cert?

[thisisit3]

Currently, cPanel/WHM allows you to install a certificate per domain (with a dedicated IP address), but that is only installed in apache. Thus, secure connections to POP3/IMAP etc use the shared certificate. So no, i'm not interested to provide one certificate only, i'm doing the exact opposite.

[visskiss]

Here's the thread:

http://forums.cpanel.net/showthread....121#post424121

A script would be nice... ;-)