Steps to remove expired domain certificate from domain level configuration
Steps_to_remove_expired_domain_certificate_from_domain_level_configuration
Problem:
Unable to remove expired domain certificate from domain configuration.
Solution:
With the help of following steps we can remove expired domain certificate and key entry from domain configuration.
1). Move old domain certificate from "domaincerts" directory to some other location.
mv /opt/zimbra/conf/domaincerts/<OLD-CERT-FILES> /tmp/
2). Clear certificate and private key entries from domain level configuration.
zmprov md DOMAIN.COM zimbraSSLCertificate "" zimbraSSLPrivateKey ""
3). On proxy server regenerate nginx configuration files to take changes.
zmproxyconfgen -v -D -s <Any mailbox server name>
4). Restart proxy service on all proxy servers.
zmproxyctl restart