Installing a StartSSL SSL Certificate with zmcertmgr
From Zimbra :: Wiki
|- This is archive documentation, which means it is not supported or valid for recent versions of Zimbra Collaboration.|
|- This article is a Work in Progress, and may be unfinished or missing sections.|
|This article applies to the following ZCS versions.|
Installing a *Free* StartSSL SSL certificate with zmcertmgr
WARNING: There are numerous errors on this page. Please use the official wiki at http://wiki.zimbra.com/wiki/Administration_Console_and_CLI_Certificate_Tools#ZCS_Certificate_CLI
Use the article as a guide to installing a StartSSL issued SSL certificate with the zmcertmgr tool.
2. Cat the CA certs to form a single CA certificate chain file
cat ca.pem sub.class1.server.ca.pem > ca_bundle.crt
3. Place server certificate in /tmp/ssl.crt.
4. Place the private key in /opt/zimbra/ssl/zimbra/commercial/commercial.key
5. Deploy the commercial certificate with zmcertmgr as the root user.
cd /opt/zimbra/bin ./zmcertmgr deploycrt comm /tmp/ssl.crt /tmp/ca_bundle.crt
6.(As Root User)
/opt/zimbra/java/bin/keytool -import -alias new -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /opt/zimbra/ssl/zimbra/commercial/commercial.crt
7. Restart the zimbra services
su zimbra zmcontrol stop zmcontrol start
See: CLI zmtlsctl to set Web Server Mode to enable or require web secure connections.
|Verified Against: Zimbra Collaboration Suite 6.x||Date Created: 7/21/2010|
|Article ID: http://wiki.zimbra.com/index.php?title=Installing_a_StartSSL_SSL_Certificate_with_zmcertmgr||Date Modified: 04/1/2015|