Regenerate Self-Signed SSL Certificate - Multi-Server

Regenerate Self-Signed SSL Certificate - Multi-Server

   KB 21726        Last updated on 2015-07-12  




0.00
(0 votes)

Purpose

Regenerate the SSL certificate in a Zimbra multi-server environment.

Resolution

Multi-Node Self-Signed Certificate 1. Begin by generating a new Certificate Authority (CA).

/opt/zimbra/bin/zmcertmgr createca -new
/opt/zimbra/bin/zmcertmgr deployca

2. Then generate a certificate signed by the CA that expires in 365 days with either wildcard or subject altnames. Option 1

/opt/zimbra/bin/zmcertmgr createcrt -new -days 365 -subjectAltNames "*.example.com" 

Option 2

/opt/zimbra/bin/zmcertmgr createcrt -new -days 365 -subject "/C=US/ST=CA/L=NVA/O=ZCS/OU=ZCS/CN=*.example.com" 

Option 3

/opt/zimbra/bin/zmcertmgr createcrt -new -days 365 -subjectAltNames "host1.example.com,host2.example.come"

3. Next, deploy the certificate to all nodes in the deployment.

/opt/zimbra/bin/zmcertmgr deploycrt self -allserver

4. To finish, verify the certificate was deployed.

/opt/zimbra/bin/zmcertmgr viewdeployedcrt

Note: The option viewdeployedcrt only works for the local server.

Additional Content


Verified Against: Zimbra Collaboration 8.5, 8.6 Date Created: 02/24/2015
Article ID: https://wiki.zimbra.com/index.php?title=Regenerate_Self-Signed_SSL_Certificate_-_Multi-Server Date Modified: 2015-07-12



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Wiki/KB reviewed by Gayle B Jorge Jenny Last edit by Jorge de la Cruz
Jump to: navigation, search