You were right on that. I recreated a CSR (for *.company.com) from the Web GUI last night and submitted it to NetSol.
Following the wiki article I went and did it all by hand. When attempting to run a check I get the following:
Anyone have an idea on why it can't validate?
[root@localhost commercial]# /opt/zimbra/bin/zmcertmgr verifycrt comm
** Verifying /opt/zimbra/ssl/zimbra/commercial/commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
unable to load certificate
24906:error:0906D066:PEM routines:PEM_read_bio:bad end line:pem_lib.c:746:
XXXXX ERROR: Unmatching certificate (/opt/zimbra/ssl/zimbra/commercial/commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) pair.