I created own CA ( following http://www.debiantutorials.net/create-your-private-certificate-authority-ca/ ) and new ceritificates for pop3 and imap , than I created new keys ( following http://www.howtoforge.com/forums/archive/index.php/t-1383.html ) but when I am using new keys my clients ( outlook or Thuderbird ) say that pop3 servers use other criptography. When I copy back old certificates everything is OK ( except they are to old )