[SOLVED] CalDAV and CardDAV over SSL?

[mfehr]

Hi,

I use CalDAV and CardDAV services on my Zimbra server. How can I run those services over SSL? For mail, I have POPS and SMTPS running. I did not find any configuration option on the admin user interface. I assume this is done over the zimbra CLI?

[ewilen]

I haven't used CardDAV due to issues with virtual domains, but CardDAV over SSL "just works" for me. For example, in the account setup for iCal under Mac OS, I just have it set to use Port 443 and the "Use SSL" checkbox is checked.

If you use the iSync connector on a Mac to have it automatically configure CardDav, you do the same in the Account tab: Server port 443 and check "Use Secure Sockets Layer (SSL)".

The only possible prerequisites I can think of are (a) having a commercial certificate instead of self-signed, and (b) having Zimbra configured to use https. For the latter see CLI zmtlsctl to set Web Server Mode - Zimbra :: Wiki and use any mode (as described in the command) other than http.

Not sure if (a) and (b) are necessary, but I configured them very early in our installation, so I can't say what would happen if you don't have them.

[mfehr]

Thanks for the hint to the zmtlsctl command. I now changed the web interface to always switch to https.

Thanks to this hint, I identified the core issue as the initial change "zmtlsctl mixed" initially failed after entering the login credentials: The real issue was that port 443 was blocked in front of the zimbra server.