5.x Commercial Certificates Guide: Difference between revisions
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
[5.0.1_GA and later] | [5.0.1_GA and later] | ||
| Line 25: | Line 24: | ||
Check whether the tomcat alias still exist in the keystore, you can check with this command | Check whether the tomcat alias still exist in the keystore, you can check with this command | ||
<pre> | |||
keytool -list -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password` | keytool -list -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password` | ||
</pre> | |||
If the above command returns two aliases (tomcat and jetty), please delete the tomcat alias with this command | |||
<pre> | |||
keytool -delete -alias tomcat -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password` | keytool -delete -alias tomcat -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password` | ||
</pre> | |||
If there are any errors from the above command, please send it to us (support@zimbra.com) | If there are any errors from the above command, please send it to us (support@zimbra.com). | ||
Revision as of 04:01, 4 February 2008
[5.0.1_GA and later]
Obtain your commerial cert from your provider. You will also need the root CA and any intermediaries that the provider uses in PEM format. Concatenate the root and intermediaries files into a single file for use with zmcertmgr (a) sudo zmcertmgr deploycrt comm <cert file> <ca_chain file> (b) zmcontrol stop ; zmcontrol start
[5.0.0_GA]
(a) Copy the certificate file(s) to /opt/zimbra/ssl/zimbra/commercial/ while naming it commercial.crt
If you have more than one cert files, please concatenate them into one file
(b) Copy the private key to /opt/zimbra/ssl/zimbra/commercial/ while naming it commercial.key
(c) Copy /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/jetty/webapps/zimbraAdmin/tmp/current.crt
current.crt should be owned by zimbra:zimbra
(d) Run this command /opt/zimbra/bin/zmcertmgr install comm
[4.5x to 5.x failed cert]
Check whether the tomcat alias still exist in the keystore, you can check with this command
keytool -list -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`
If the above command returns two aliases (tomcat and jetty), please delete the tomcat alias with this command
keytool -delete -alias tomcat -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`
If there are any errors from the above command, please send it to us (support@zimbra.com).
