Transfer SSL certificates between servers: Difference between revisions

(New page: <pre> copy /opt/zimbra/ssl to /sslbk. create sslbk.zip from the directory /sslbk and transfer it to a holding server. on the destination server stop the zimbra service. As root transfe...)
 
No edit summary
Line 22: Line 22:
===common error messages===
===common error messages===
----------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------
If you see this message then make sure to unzip the file sslbk.zip and replace /opt/zimbra/ssl with sslbk files
<pre>If you see this message, then make sure to unzip the file sslbk.zip and replace /opt/zimbra/ssl with sslbk files.


[root@zim-lab-06 bin]# ./zmcertmgr deploycrt comm /sslbk/zimbra/commercial/commercial.crt //sslbk/zimbra/commercial/commercial_ca.crt
[root@zim-lab-06 bin]# ./zmcertmgr deploycrt comm /sslbk/zimbra/commercial/commercial.crt //sslbk/zimbra/commercial/commercial_ca.crt
** Verifying /sslbk/zimbra/commercial/commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
** Verifying /sslbk/zimbra/commercial/commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
XXXXX ERROR: Unmatching certificate (/sslbk/zimbra/commercial/commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) pair.
XXXXX ERROR: Unmatching certificate (/sslbk/zimbra/commercial/commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) pair.
XXXXX ERROR: provided cert isn't valid.
XXXXX ERROR: provided cert isn't valid</pre>






If you see a list of services that did not start post re-install of the SSL certificate then restart the Zimbra service and may have to clear the PID number from the .pid files to force a refresh of zimbra process tracking.  /opt/zimbra/log
<pre>If you see a list of services that did not start post re-install of the SSL certificate, then restart the Zimbra service and
may have to clear the PID number from the .pid files to force a refresh of zimbra process tracking.  /opt/zimbra/log</pre>
----------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------

Revision as of 19:22, 23 February 2009

copy /opt/zimbra/ssl  to /sslbk.

create sslbk.zip from the directory /sslbk and transfer it to a holding server.

on the destination server stop the zimbra service.

As root transfer the sslbk.zip file from the hosting server to the destination server.

re-name the existing /opt/zimbra/ssl  to ssl_old.

un-pack the  sslbk.zip file to the root directory as  /sslbk.

copy the /sslbk to /opt/zimbra/ and rename to ssl  so that /opt/zimbra/ssl is re-created using the directory from the source server.

cd into the /opt/zimbra/bin directory

Deploy the cert ./zmcertmgr deploycrt comm /sslbk/zimbra/commercial/commercial.crt //sslbk/zimbra/commercial/commercial_ca.crt

switch back to Zimbra user and restart Zimbra and then switch back to root and restart the Zimbra service at /etc/init.d/./zimbra restart

common error messages


If you see this message, then make sure to unzip the file sslbk.zip and replace /opt/zimbra/ssl with sslbk files.

[root@zim-lab-06 bin]# ./zmcertmgr deploycrt comm /sslbk/zimbra/commercial/commercial.crt //sslbk/zimbra/commercial/commercial_ca.crt
** Verifying /sslbk/zimbra/commercial/commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
XXXXX ERROR: Unmatching certificate (/sslbk/zimbra/commercial/commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) pair.
XXXXX ERROR: provided cert isn't valid


If you see a list of services that did not start post re-install of the SSL certificate, then restart the Zimbra service and
 may have to clear the PID number from the .pid files to force a refresh of zimbra process tracking.  /opt/zimbra/log

Jump to: navigation, search