Installing a Comodo SSL Certificate on Zimbra Collaboration
Article Information |
---|
This article applies to the following ZCS versions. |
Installing a Comodo SSL certificate with zmcertmgr
Use the article as a guide to installing a Comodo issued SSL certificate with the zmcertmgr tool.
1. Get a Tomcat bundle from Comodo in PEM format.
2. Place the bundle on your Zimbra mailbox server. You should receive a ca_root.crt and ca_intermediate.crt files. Note the root and intermediate files may have different names.
3. Cat the CA certs to form a single CA certificate chain file
cat ca_root.crt ca_intermediate.crt > /tmp/ca_bundle.crt
In the case of a PositiveSSL cert,
cat PositiveSSLCA.crt UTNAddTrustServerCA.crt AddTrustExternalCARoot.crt > /tmp/ca_bundle.crt
4. Place server certificate in /tmp/server.crt. For PositiveSSL, this will be the one in the form servername_domainname_tld.crt (e.g., www_example_com.crt)
cp www_example_com.crt /tmp/server.crt
5. Deploy the commercial certificate with zmcertmgr as the root user.
cd /opt/zimbra/bin ./zmcertmgr deploycrt comm /tmp/server.crt /tmp/ca_bundle.crt