Hi,
I have been trying for a few days now to get commercial certificates to work properly with Zimbra 5 RC2. I must be going wrong somewhere, though I have been following the instructions
here to the letter.
This is the process I have used:
Quote:
1. Create the keystore
keytool -genkey -alias jetty -keyalg RSA -keystore /opt/zimbra/ssl/ssl/commercial.keystore
2. keytool -certreq -keyalg RSA -alias jetty -file /opt/zimbra/ssl/ssl/commercial.csr -keystore /opt/zimbra/ssl/ssl/commercial.keystore
|
At this step, am I correct in thinking the certificate request must have an alias of "jetty" rather than "tomcat"? (it says tomcat in the wiki).
Quote:
3. Sent the contents of commercial.csr to DigiCert and got three certificates back:- TrustedRoot.crt
- DigiCertCA.crt
- star_mydomain_org.crt
|
Are there any known issues with *.mydomain.com certificates?
Quote:
4. Installed the certificates into the keystore in the order listed above. Everything went fine. Got the correct responses and "Certificate reply was installed in keystore".
5. Copied the keystore to /opt/zimbra/jetty/etc/keystore. I did change the permissions appropriatly.
6. Restart Zimbra (zmcontrol start;zmcontrol stop). When I do so, and go to the web client, I get a page not found!
|
Replacing the keystore with a backup of the old one, and then restarting Zimbra fixes this problem.
Any ideas?
Many thanks,
Gary