Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page [SOLVED] how to install separate external SSL certificate?

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 07-25-2009, 05:49 PM
Active Member
  
Posts: 41
Default [SOLVED] how to install separate external SSL certificate?
Hey, hi, All,

Hope this finds you all healthy, wealthy, wise.

I have been a Zimbra admin for a handful of years & feel like I know it fairly well, and I have installed a number of certificates (thawte, geotrust, caCert, etc), but this situation is new to me.

We have the following files here:
req.pem
server.key
cert.pem
ca.pem

(all the above files on the mail server were generated using openSSL by hand)

And processed through GeoTrust. Now we need to install this in to Zimbra. I have read a dozen threads herein but I have not yet come across a thread that talks about doing this. I hope I am missing it & someone can point me at an URL with the steps & I'll be done in 10 minutes.

However, if not, I am hoping that someone can lend me a hand, please, thank you, on how to go about installing this certificate in to Zimbra without using the keystore as the source of the original CSR.

I would need to some how get the request in to the store & then get the cert' in to the store afterward (since we did not create the request from the keystore).

Thanks so much. Much appreciated.
__________________
Thanks very much.

Peace. Love. Linux.

Jason Sjobeck
xmpp:jason@sjobeck.com
*Asterisk Consultant To The Stars *
Reply With Quote
  #2 (permalink)  
Old 07-25-2009, 06:46 PM
Advanced Member
  
Posts: 213
Default I just did this the other day
with a wildcard cert from Equifax (think it is same as GeoTrust), and no CSR from the Zimbra server (it didnt' seem to be needed). I followed this:

Installing a GeoTrust Commercial Certificate - Zimbra :: Wiki

your "ca.pem" might be the same as the Equifax cert mentioned below, dunno, just telling you what I did. You could try renaming the ca.pem to commercial_ca.crt and see if they match in the first zmcertmgr command listed below. I also rename the files from what you have, to match the instructions... I think this process automatically looks for the private key in a file in that directory called "commercial.key".

- in the /opt/zimbra/ssl/zimbra/commercial directory....
- wget https://www.geotrust.com/resources/r..._Authority.cer
- mv Equifax_Secure_Certificate_Authority.cer commercial_ca.crt
- mv cert.pem commercial.crt
- mv server.key commercial.key
- (as root) /opt/zimbra/bin/zmcertmgr verifycrt comm commercial.crt commercial_ca.crt
- if all reports as matching....
- (as root) /opt/zimbra/bin/zmcertmgr deploycrt commercial.crt commercial_ca.crt

good luck
Reply With Quote
  #3 (permalink)  
Old 07-29-2009, 06:23 PM
Active Member
  
Posts: 41
Default
Thanks so much. Too easy. Making it harder then it was. Simply used "deploycrt" & pointed at my two files & restarted all services & tested & done. Simple. Thanks so much.
__________________
Thanks very much.

Peace. Love. Linux.

Jason Sjobeck
xmpp:jason@sjobeck.com
*Asterisk Consultant To The Stars *
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.