Regenerate Self-Signed SSL Certificate - Multi-Server: Difference between revisions
(Created page with "{{WIP}}{{Article Infobox|{{admin}}|{{ZCS 8.6}}|{{ZCS 8.5}}|{{ZCS 8.0}}}} =Regenerate Self-Signed SSL Certificate - Multi-Server= ==Purpose== Regenerate the SSL certificate in ...") |
No edit summary |
||
Line 1: | Line 1: | ||
{{ | {{BC|Certified}} | ||
__FORCETOC__ | |||
<div class="col-md-12 ibox-content"> | |||
=Regenerate Self-Signed SSL Certificate - Multi-Server= | =Regenerate Self-Signed SSL Certificate - Multi-Server= | ||
{{KB|{{ZC}}|{{ZCS 8.6}}|{{ZCS 8.5}}|{{ZCS 8.0}}|}} | |||
{{WIP}} | |||
==Purpose== | ==Purpose== | ||
Regenerate the SSL certificate in a Zimbra multi-server environment. | Regenerate the SSL certificate in a Zimbra multi-server environment. |
Latest revision as of 20:41, 12 July 2015
Regenerate Self-Signed SSL Certificate - Multi-Server
Purpose
Regenerate the SSL certificate in a Zimbra multi-server environment.
Resolution
Multi-Node Self-Signed Certificate 1. Begin by generating a new Certificate Authority (CA).
/opt/zimbra/bin/zmcertmgr createca -new /opt/zimbra/bin/zmcertmgr deployca
2. Then generate a certificate signed by the CA that expires in 365 days with either wildcard or subject altnames. Option 1
/opt/zimbra/bin/zmcertmgr createcrt -new -days 365 -subjectAltNames "*.example.com"
Option 2
/opt/zimbra/bin/zmcertmgr createcrt -new -days 365 -subject "/C=US/ST=CA/L=NVA/O=ZCS/OU=ZCS/CN=*.example.com"
Option 3
/opt/zimbra/bin/zmcertmgr createcrt -new -days 365 -subjectAltNames "host1.example.com,host2.example.come"
3. Next, deploy the certificate to all nodes in the deployment.
/opt/zimbra/bin/zmcertmgr deploycrt self -allserver
4. To finish, verify the certificate was deployed.
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
Note: The option viewdeployedcrt only works for the local server.
Additional Content
- Link to the an extended Wiki article.