Recreating a Self-Signed SSL Certificate in ZCS 4.5 & 5.0: Difference between revisions
No edit summary |
No edit summary |
||
Line 17: | Line 17: | ||
:zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key<br> | :zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key<br> | ||
:zmcertinstall mta ssl/ssl/server/server.crt ssl/ssl/server/server.key<br> | :zmcertinstall mta ssl/ssl/server/server.crt ssl/ssl/server/server.key<br> | ||
</tt> | |||
</ | To install a commercial SSL certificate first remove the self-signed cert: | ||
:keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra<br> | |||
:keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra<br> | |||
Then using your new certificate and key run: | |||
:zmcertinstall mailbox ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key<br> | |||
:zmcertinstall mta ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key<br> |
Revision as of 17:34, 23 February 2006
To clean up SSL certificates and recreate a new self-signed cert try this:
as root:
- rm -rf /opt/zimbra/ssl
- mkdir /opt/zimbra/ssl
- chown zimbra:zimbra /opt/zimbra/ssl
su - zimbra
- keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
- keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
- zmcreateca
- zmcreatecert
- zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key
- zmcertinstall mta ssl/ssl/server/server.crt ssl/ssl/server/server.key
To install a commercial SSL certificate first remove the self-signed cert:
- keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
- keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
Then using your new certificate and key run:
- zmcertinstall mailbox ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key
- zmcertinstall mta ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key