Installing a Verisign Test Certificate

Admin Article

Article Information

This article applies to the following ZCS versions.

ZCS 5.0 Article ZCS 5.0

Instructions on how to install a 15 day free trial Verisign Certificate on Zimbra Server:

  1. Go to and select "Free SSL Trial".
  2. Fill out the form on the Free SSL Trial Certificate Page and click Continue
  3. Open a new browser window and create CSR through Zimbra Admin Console. Login to the Admin Console, click Certificates -> Install Certificate Button -> Select Target Server -> Select Generate the CSR for the commercial certificate authorizer -> create the CSR and download and save the CSR file
  4. Go back to verisign Free Trial SSL page and continue, fill out the required technical contact.
  5. When you are asked by Verisign abou the CSR, open your saved CSR file and copy paste the content to Verisign page
  6. Once you successfully submit your CSR, a trial Certificate will be created by Verisign and emailed to you.
  7. Once you receive the certificate, save it, say verisign_free_trial.crt
  8. Get the verisign Root CA for the certificate you just got and save it as To get the root CA, go to
  9. Get the verisign Intermediate CA for the certificate you just got and save it as To get the intermediate CA, go to
  10. Go back to Admin Console and launch the Install Certificate wizard, pick the "Install the commercially signed certificate". When you are prompted to upload the certificate, select verisign_free_trial.crt as Certificate, as Root CA, and as Intermediate CA.
  11. Click Next and then Install. Your Commercial Certificate will be installed successfully.
  12. Restart the zimbra server.


If Zimbra doesn't come up after the restart, chances are that you have error messages like the following in your logs:

Caused by: PKIX path building failed: athBuilderException: unable to find valid certification path to requested target

The culprit is the missing CA for the VeriSign Trial Secure Server Test Root CA. You can import the CA with the following command:

# /opt/zimbra/java/bin/keytool -import -alias <ALIAS> -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass <PASSWORD> -file /opt/zimbra/conf/ca/commercial_ca.pem

Verified Against: unknown Date Created: 1/30/2008
Article ID: Date Modified: 2015-03-24

Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search