Recreating a Self-Signed SSL Certificate in ZCS 4.5 & 5.0

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

To clean up SSL certificates and recreate a new self-signed cert try this:

as root:

rm -rf /opt/zimbra/ssl mkdir /opt/zimbra/ssl chown zimbra:zimbra /opt/zimbra/ssl

su - zimbra

keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbrazmcreateca zmcreatecert zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key zmcertinstall mta ssl/ssl/server/server.crt ssl/ssl/server/server.key

To install a commercial SSL certificate first remove the self-signed cert:

keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra

Then using your new certificate and key run:

zmcertinstall mailbox ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key zmcertinstall mta ssl/ssl/server/commercial.crt ssl/ssl/server/commercial.key

Recreating a Self-Signed SSL Certificate in ZCS 4.5 & 5.0

Products

Support

Learn

Community