Support #398
Installing a SSL Certificate on Zimbra
Description
This article is a guide to installing a StartSSL issued SSL certificate with the zmcertmgr tool.
- 1. Download the ca.pem and sub.class1.server.ca.pem to /tmp/
cd /tmp wget https://www.startssl.com/certs/ca.pem wget https://www.startssl.com/certs/sub.class1.server.ca.pem
- 2. Combine the two CA certs to form a single CA certificate chain file
cat ca.pem sub.class1.server.ca.pem > ca_bundle.crt
- 3. Place signed SSL certificate in /tmp/www.example.com.crt.
- 4. Place the SSL private key in /opt/zimbra/ssl/zimbra/commercial/commercial.key
- 5. Deploy the commercial certificate with zmcertmgr as the root user.
cd /opt/zimbra/bin ./zmcertmgr deploycrt comm /tmp/www.example.com.crt /tmp/ca_bundle.crt
- 6.(As Root User) Import the SSL key into Zimbra
/opt/zimbra/java/bin/keytool -import -alias new -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /opt/zimbra/ssl/zimbra/commercial/commercial.crt
- 7. Restart the zimbra services
su zimbra zmcontrol stop zmcontrol start
Updated by Daniel Curtis over 10 years ago
- Description updated (diff)
- Status changed from In Progress to Resolved
- % Done changed from 50 to 100
Updated by Daniel Curtis almost 10 years ago
- Project changed from 89 to GNU/Linux Administration
- Category set to Mail Server