IMail - How to create a self-signed SSL certificate

Question/Problem: I want to use SSL for Web Messaging and Web Calendaring, can I create my own SSL certificate or do I need to get an SSL certificate from a Trusted Certificate Authority (TCA) like Thawte, Verisign, or GeoTrust?

Answer/Solution: For version 8.1+, please see:
IMail - How to create a self-signed SSL certificate in version 8.1+

Versions 6 - 8.0 shipped with an SSL Configuration Utility that you can use to create your own 128-bit SSL certificate. Although it is not necessary to run an SSL encrypted session, using the self-signed certificate within IMail you can purchase a trusted SSL certificate from a registered TCA. To create a self-signed certificate, use the following steps:

1.) Make sure that SSL is not enabled in both Web Messaging and Web Calendaring services.
2.) Open the IMail SSL Configuration Utility (Start | Programs | IMail).
3.) Choose File | Registry path and enter 'software\ipswitch\imail\ssl' (no quotes) and click OK. (If you are prompted to create a path that does not exist, double-check your spelling. If you did not choose to install the default SSL keys during the installation, you will need to click 'Yes'.)
4.) Click Certificate. Read the information contained in the window and click 'Continue'. If prompted, click 'Yes' to get to the Certificate Creation Window.
5.) On the next window, choose a file name for the .key and .crt files. This can be the same name, but it must be eight characters or less and cannot contain special characters or spaces. You also cannot use the word 'server'. We'll call ours 'keyname.crt' and 'keyname.key'.
6.) Pay attention to the 'Host Name' field. The hostname you enter here should be the hostname users use in their browsers to connect to Web Messaging/Calendaring. For example:
If users normally connect to:
http://webmail.maildomain.com:8383
then, enter 'webmail.maildomain.com' (no quotes) into the 'Host Name' field.
7.) In the Challenge and Confirm fields, enter a password.
8.) Click OK. You will be prompted that the files were created successfully.
9.) Click Configuration | SSL Configuration and then click Next after verifying the file names are correct.
10.) Move the ciphers you wish to be available for your users to the 'Cipher Chosen' window (If you want all ciphers available, shift-select the entire list and move them all over.) and click Next.
11.) Set your Session Cache field. Values can be between 128 and 1024. Then, set your Session Time value. Allowed values are between 60 and 7,200 seconds.
12.) Click Finish.
13.) Enable SSL in either or both Web services and restart them.

Users will now see a "Regular mode active. Enter secure mode." link when connecting to the service. If they select that link, traffic between client and server will now be SSL encrypted.

If you wish to use your self-signed SSL certificate to purchase an SSL certificate from a trusted CA, see:

IMail - How to use an SSL Certificate from a Trusted Certificate Authority

The first time the user's browser connects via SSL, they may receive a warning that the SSL certificate was not issued by a site they have chosen to trust. Only certificates issued by a TCA will not create this warning. If the user installs the certificate, they will not receive this warning again. Please see the help section of the user's browser for information on how to install an SSL certificate.

It is possible to enable and disable SSL encryption on a per-domain basis. To do this, change the SSL options on the Web Options tab for the domain.