Please explain: Creating the TLS/SSL Certificate

[Jacob Friis Larsen]

Could someone explain what this does?
I found it at 
http://www.delouw.ch/linux/Postfix-Cyrus-Web-cyradm-HOWTO/html/cyrus-config.html

Does it create a self signed certificate?
Is there an easier way on Debian?

> *Creating the TLS/SSL Certificate*
> 
> If you want to enable Cyrus' TLS/SSL facilities, you have to create a certificate first. This requires an OpenSSL installation
> 
> openssl req -new -nodes -out req.pem -keyout key.pem  
> openssl rsa -in key.pem -out new.key.pem
> openssl x509 -in req.pem -out ca-cert -req \
> -signkey new.key.pem -days 999 
> 
> mkdir /var/imap
> 
> cp new.key.pem /var/imap/server.pem
> rm new.key.pem
> cat ca-cert >> /var/imap/server.pem
> 
> chown cyrus:mail /var/imap/server.pem
> chmod 600 /var/imap/server.pem # Your key should be protected
> 
> echo tls_ca_file: /var/imap/server.pem >> /etc/imapd.conf
> echo tls_cert_file: /var/imap/server.pem >> /etc/imapd.conf
> echo tls_key_file: /var/imap/server.pem >> /etc/imapd.conf


Thanks,
Jacob
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html