LinkBack URL
About LinkBacks
zmcertctl ignores "subject"
Hi,
After searching the forum for a great answer... I've found nothing, so I decided to post.
My configuration is quite simple: One Ubuntu 8.04 Server with ZCS 6.0.4 (64bit).
I would like to change the generic "Zimbra Collaboration Suite" certificates for my own self signed certificate. To do so, I've followed the procedure found on the wiki. Everything ran perfectly, but the result is disapointing.Code:zimbra@hl-zcs:~$ zmcontrol -v Release 6.0.4_GA_2038.UBUNTU8_64 UBUNTU8_64 FOSS edition.
Here are the command and result:
As you can read, "subject" and "issuer" are not exactly what we can expect as a good result!!!Code:root@hl-zcs:~# /opt/zimbra/bin/zmcertmgr createcrt -new -days 1825 -subject "/C=FR/ST=Alsace/L=XXXXXX/O=Hopital de XXXXXX/O=Service Informatique/CN=*.hl-XXXXXX.fr" Validation days: 1825 ** Creating /opt/zimbra/conf/zmssl.cnf...done ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20100112170309 ** Generating a server csr for download self -new -keysize 1024 ** Creating /opt/zimbra/conf/zmssl.cnf...done ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20100112170309 ** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr...done. ** Saving server config key zimbraSSLPrivateKey...done. ** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr...done. root@hl-zcs:~# /opt/zimbra/bin/zmcertmgr createcrt -new -days 1825 -subjectAltNames "mail.hl-XXXXXX.fr,hl-zcs.hlXXXXXX.local" Validation days: 1825 ** Creating /opt/zimbra/conf/zmssl.cnf...done ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20100112170410 ** Generating a server csr for download self -new -keysize 1024 ** Creating /opt/zimbra/conf/zmssl.cnf...done ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20100112170410 ** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr...done. ** Saving server config key zimbraSSLPrivateKey...done. ** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr...done. root@hl-zcs:~# /opt/zimbra/bin/zmcertmgr deploycrt self -allserver ** Saving global config key zimbraSSLCertificate...done. ** Saving global config key zimbraSSLPrivateKey...done. ** Installing mta certificate and key...done. ** Installing slapd certificate and key...done. ** Installing proxy certificate and key...done. ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done. ** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done. ** Installing CA to /opt/zimbra/conf/ca...done. root@hl-zcs:~# /opt/zimbra/bin/zmcertmgr viewdeployedcrt ::service mta:: notBefore=Jan 12 16:04:14 2010 GMT notAfter=Jan 11 16:04:14 2015 GMT subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=hl-zcs.hlXXXXXX.local issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=hl-zcs.hlXXXXXX.local SubjectAltName= hl-zcs.hlXXXXXX.local, mail.hl-XXXXXX.fr ::service proxy:: notBefore=Jan 12 16:04:14 2010 GMT notAfter=Jan 11 16:04:14 2015 GMT subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=hl-zcs.hlXXXXXX.local issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=hl-zcs.hlXXXXXX.local SubjectAltName= hl-zcs.hlXXXXXX.local, mail.hl-XXXXXX.fr ::service mailboxd:: notBefore=Jan 12 16:04:14 2010 GMT notAfter=Jan 11 16:04:14 2015 GMT subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=hl-zcs.hlXXXXXX.local issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=hl-zcs.hlXXXXXX.local SubjectAltName= hl-zcs.hlXXXXXX.local, mail.hl-XXXXXX.fr ::service ldap:: notBefore=Jan 12 16:04:14 2010 GMT notAfter=Jan 11 16:04:14 2015 GMT subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=hl-zcs.hlXXXXXX.local issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=hl-zcs.hlXXXXXX.local SubjectAltName= hl-zcs.hlXXXXXX.local, mail.hl-XXXXXX.fr
Any good idea is welcome!!!
Best regards,
Bob
