diff --git a/scripts/mail.sh b/scripts/mail.sh
index 7dd48d08..88b214d2 100755
--- a/scripts/mail.sh
+++ b/scripts/mail.sh
@@ -210,9 +210,7 @@ tools/editconf.py /etc/dovecot/conf.d/10-ssl.conf \
 # Create a self-signed certifiate.
 mkdir -p $STORAGE_ROOT/ssl
 if [ ! -f $STORAGE_ROOT/ssl/ssl_certificate.pem ]; then
-	openssl genrsa -des3 -passout pass:x -out /tmp/server.key 2048 # create key, but it has a password...
-	openssl rsa -passin pass:x -in /tmp/server.key -out $STORAGE_ROOT/ssl/ssl_private_key.pem # remove password and save it to the right location
-	rm /tmp/server.key # remove temporary password-laden key
+	openssl genrsa -out $STORAGE_ROOT/ssl/ssl_private_key.pem 2048
 	openssl req -new -key $STORAGE_ROOT/ssl/ssl_private_key.pem -out $STORAGE_ROOT/ssl/ssl_cert_sign_req.csr \
 	  -subj "/C=/ST=/L=/O=/CN=$PUBLIC_HOSTNAME"
 	openssl x509 -req -days 365 \