Originally posted by net First of all, you need to have a valid Certificate, get 1 at ev1 (starter ssl certificate at 9 dollars) and make sure to assign it to your hostname.
then edit /etc/exim.crt and replace it with your web certificate from ev1 then edit /etc/exim.key and replace it with your private key.
Use your hostname to send and receive emails using ssl and you're done!
You actualy were right in some ways
You just have to replace /etc/exim.crt /etc/exim.key with the ones generated for your WHM/cpanel. cpop (cpanel pop3 server) crt and keys are replaced automaticly
and then Users of your smtp just have to add your cpanel cert to trusted (for exaple by opening cpanel page by IE) and they will never be bothered about certs for SSL pop3/smtp
As for self signed Root CA thats also easy. I made it. When end user will import your Root CA then he will not have to add your cpanel/whm cert to trusted! But in both ways he have to import something so I will for now stick to makeing users import just cpanel cert