Create an SSL certificate with strong, 2048 bit encryption

When creating either a self signed certificate or a certificate request, Kerio MailServer uses 1024 bit encryption. You may however prefer stronger encryption, especially if you are using a signing authority such as GoDaddy, which requires 2048 bit encryption. In this case, you may use the free OpenSSL utility that is available with most Unix or Linux based systems. There is also a version of the tool available for the Windows Operating system.
Self signed certificates generated by Kerio MailServer carry a default expiration of 1 year. The OpenSSL utility will also allow you to define your own expiration, for example 3 years. For specific instructions and usage of the OpenSSL utility, read the Knowledgebase article.