Self signed certs for Exim and Dovecot (High Sierra)

(Replace with your domain name)

login root
mkdir -p /private/etc/certificates
cd /private/etc/certificates
openssl genrsa -des3 -out 2048
openssl req -new -key -out

Follow instructions on screen:

countryName = US
state = CA
localityName = Los Angeles
organizationName = CAPTAIN NET (
organizationalUnitName = IT
commonName =
emailAddress =

Sign and create a certificate and a nopass key

openssl x509 -req -days 365 -in -signkey -out
openssl rsa -in -out