Recreating a Self-Signed SSL Certificate in ZCS 4.5 & 5.0: Difference between revisions

No edit summary
No edit summary
Line 20: Line 20:


To install a commercial SSL certificate first remove the self-signed cert:
To install a commercial SSL certificate first remove the self-signed cert:
 
<tt>
:keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra<br>
:keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra<br>
:keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra<br>
:keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra<br>
 
</tt>
Then using your new certificate and key run:
Then using your new certificate and key run:
 
<tt>
:zmcertinstall mailbox ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key<br>
:zmcertinstall mailbox ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key<br>
:zmcertinstall mta ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key<br>
:zmcertinstall mta ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key<br>
</tt>

Revision as of 17:35, 23 February 2006

To clean up SSL certificates and recreate a new self-signed cert try this:

as root:

rm -rf /opt/zimbra/ssl
mkdir /opt/zimbra/ssl
chown zimbra:zimbra /opt/zimbra/ssl

su - zimbra

keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
zmcreateca
zmcreatecert
zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key
zmcertinstall mta ssl/ssl/server/server.crt ssl/ssl/server/server.key

To install a commercial SSL certificate first remove the self-signed cert:

keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra

Then using your new certificate and key run:

zmcertinstall mailbox ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key
zmcertinstall mta ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key

Jump to: navigation, search