Results 1 to 7 of 7

Thread: [SOLVED] Using existing certificates

  1. #1
    m.a.g. is offline Active Member
    Join Date
    Jul 2006
    Location
    Zurich, Switzerland
    Posts
    29
    Rep Power
    8

    Default [SOLVED] Using existing certificates

    Hello,

    I run 5.0.1 GA (Open Source on Debian Etch) and would like to use my existing (commercial) certificates I use right now for my webserver.

    I would like to use the certificates for imaps and smtps. In 4.5.3 version I was able to use them, but in the 5.0.1 I can't figure out how to do so - the search didn't lead me to the solution...

    Any ideas are appreciated.

    Regards,
    Markus

  2. #2
    mmorse's Avatar
    mmorse is offline Moderator
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    20

    Default

    First try the admin console gui cert wizard (new to 5.0 in the tools section just below 'mail queues') and it should install the certs across the board. (There are one or 2 tiny bugs with having a different locale which are fixed for 5.0.2)
    How to manually install your commercial certificate in 5.x - Zimbra :: Wiki

  3. #3
    m.a.g. is offline Active Member
    Join Date
    Jul 2006
    Location
    Zurich, Switzerland
    Posts
    29
    Rep Power
    8

    Default Using existing certificates (Solution)

    I just found a way:
    Using the wizard in the admin console to create a csr (just a dummy). Then replacing the files in /opt/zimbra/ssl/zimbra/commercial with the existing .csr & .key files from your apache installation. It's important to use the same names (the ones the wizard created).
    Switching back to the wizard an importing the certificate (incl. root CA and intermediate Cerficate). Restarting Zimbra and it works!

  4. #4
    m.a.g. is offline Active Member
    Join Date
    Jul 2006
    Location
    Zurich, Switzerland
    Posts
    29
    Rep Power
    8

    Default It's not the way to go!

    What I discribed above is not the way to go!

    I now have two serious issues:
    1) TLS for LDAP is not working any more and I can't send no more emails ([SOLVED] Expired Cert in 5.0GA can cause mail Delivery failure)
    2) When logging on to Webmail through a Apache html-proxy, I get this error (Zimbra https proxy with apache)

    This means I have to look for another way using my existing commercial certs...

  5. #5
    m.a.g. is offline Active Member
    Join Date
    Jul 2006
    Location
    Zurich, Switzerland
    Posts
    29
    Rep Power
    8

    Default

    After playing around with the certificates I messed up my system completly... I did a fresh install of Zimbra now.

    I googeled and searched the forum - but didn't find any solution. I only found fragments of possible solutions... But that didn't help me much, since these threads mostly end with open questions/problems.

    Isn't there anybody in the community using existing commercial certificates for imaps and smtps? Detailed installation steps would be very welcomed!

  6. #6
    m.a.g. is offline Active Member
    Join Date
    Jul 2006
    Location
    Zurich, Switzerland
    Posts
    29
    Rep Power
    8

    Default

    Hmmmm....

    I hoped that with 5.0.2 it would work. Unfortunatly I wasn't able to have a success.

    Who has a tipp for me?

  7. #7
    m.a.g. is offline Active Member
    Join Date
    Jul 2006
    Location
    Zurich, Switzerland
    Posts
    29
    Rep Power
    8

    Default Solved

    This post was the solution: Failed Commercial Cert Migration

    The strange thing was that it did work when I exported the cert from my existing 4.5 installation. It didn't work when I used the certs from the apache server (in 4.5 I used exactly these certs from the apache)...

    But it works now - that counts!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Installing existing SSL certificates (solved)
    By inigoml in forum Administrators
    Replies: 22
    Last Post: 02-24-2009, 10:32 AM
  2. Replies: 1
    Last Post: 11-05-2007, 06:55 PM
  3. Integrating Zimbra in existing email infrastructure
    By g8se in forum Administrators
    Replies: 2
    Last Post: 01-02-2007, 10:52 PM
  4. Replies: 3
    Last Post: 03-06-2006, 09:47 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •