Qmail and its certificates

Here's some useful info for people looking to use cacert-signed certificates with qmail (installed with the appropriate TLS&SSL patches, of course).

I assume that you know how to generate your private key and certificate signing request and use them to get your certificate. If you have no clue, turn to HELP/4.

You need to generate /var/qmail/control/servercert.pem. On my setup, this file has  qmaild:qmail 640  permissions. Remember: your private key is in there, so you'd better protect it.

cat /path/to/key  >  /var/qmail/control/servercert.pem
cat /path/to/cert >> /var/qmail/control/servercert.pem

Now that was easy, wasn't it?