To create new SSL certificates for the dovecot pop3 and imap server on Ubuntu, follow these steps:
Make a backup copy of the old key and certificate file
sudo cp /etc/ssl/private/dovecot.key /etc/ssl/private/dovecot.key.old
sudo cp /etc/ssl/certs/dovecot.pem /etc/ssl/certs/dovecot.pem.old
Create the new key file
openssl genrsa -out /etc/ssl/private/dovecot.key 1024
Create the new certificate file, valid for 2 years
openssl req -new -x509 -key /etc/ssl/private/dovecot.key -out /etc/ssl/certs/dovecot.pem -days 730
Then restart dovecot
/etc/init.d/dovecot restart