Lynis reports expired certificate


My security scanner Lynis informed me that it found an expiring certificate for my cyrus imap server. Oh noes!!!!

So I quickly located the following instructions online:
openssl req -new -nodes -out req.pem -keyout key.pem
openssl rsa -in key.pem -out new.key.pem
openssl x509 -in req.pem -out ca-cert -req
-signkey new.key.pem -days 999
cp new.key.pem /etc/ssl/cyrus/server.pem
rm new.key.pem
cat ca-cert >>/etc/ssl/cyrus/server.pem
This seemed unsufficient as the expiring report is : /etc/ssl/cyrus/server.crt.

The last step however was easy, copy server.pem to server.crt and we are back in business.