Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Installation
Reload this Page Commercial SSL certtificate installation

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 12-02-2005, 02:23 PM
Member
  
Posts: 13
Default Commercial SSL certtificate installation
Can anyone point me to a list of the steps required to install a commercial SSL certificate? I would like to install a wildcard SSL cert that we obtained from GoDaddy.

GoDaddy has options to select a certificate type. I chose 'tomcat'. Is this correct? Can I use the same cert for the MTA etc?
Reply With Quote
  #2 (permalink)  
Old 02-13-2006, 07:28 AM
Project Contributor
  
Posts: 88
Default Cert Installation Question
I am also unclear as to how to install a certificate in zimbra.

I have a certificate intended for a webserver, that I had created for zimbra.raydiance-inc.com. Provided by GeoTrust.

I have the server.crt and the server.crt.key files, which contain the public and private key's respectively. How can I install these.

The admin.pdf guide makes mention of the zmcertinstall command, but in reference to self signed certificate installation.

My ultimate goal is to provide SSL encryption for IMAP/POP3/SMTP and the webgui.
Last edited by jonnyRo; 02-13-2006 at 07:31 AM..
Reply With Quote
  #3 (permalink)  
Old 02-13-2006, 07:47 AM
Zimbra Employee
  
Posts: 4,792
Default
You can use zmcertinstall to do this. Just point to your .crt and .key file. Run it once for mta and once for mailbox.
__________________
Bugzilla - Wiki - Downloads - Offline Client
Reply With Quote
  #4 (permalink)  
Old 02-13-2006, 08:37 AM
Project Contributor
  
Posts: 88
Default Small problem, worked for mta but not for mailbox
I get this error when running it for mailbox.

zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key
** Importing server cert

keytool error: java.lang.Exception: Public keys in reply and keystore don't match
[zimbra@zimbra ~]$
Reply With Quote
  #5 (permalink)  
Old 02-13-2006, 10:49 AM
Zimbra Employee
  
Posts: 2,103
Default cert install
Quote:
Originally Posted by jonnyRo
I get this error when running it for mailbox.

zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key
** Importing server cert

keytool error: java.lang.Exception: Public keys in reply and keystore don't match
[zimbra@zimbra ~]$
Are server.crt and server.key the files for your "real" cert? Not your self-signed cert?

You'll need to delete the tomcat cert, first, since it appears to be trying to match it up with the csr that's in there:
keytool -delete -keystore /opt/zimbra/tomcat/conf/keystore -alias tomcat

Then try the certinstall
Reply With Quote
  #6 (permalink)  
Old 02-13-2006, 11:24 AM
Project Contributor
  
Posts: 88
Default Keystore password?
It asks me for the keystore password when I go to delete it. Is there an easy way to find out what this password is? Perhaps it's somewhere in the LDAP database.
Reply With Quote
  #7 (permalink)  
Old 02-13-2006, 11:55 AM
Zimbra Employee
  
Posts: 2,103
Default keystore
Quote:
Originally Posted by jonnyRo
It asks me for the keystore password when I go to delete it. Is there an easy way to find out what this password is? Perhaps it's somewhere in the LDAP database.
keystore pass is "zimbra"
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.