Since our certificate expired, I have been unable to install a new Comodo certificate.
It is unclear to me, what are the exact steps to clean everything and start from scratch.
The main steps I am taking are to generate a new CSR via the admin webconsole and submit that to Comodo, then to either via the commandline concatenate a bundle and verify the certificate - which generates an error - or install the certificate via the admin web console - which generates an error, also.
The errors that are being generated are:
(admin web console
Your certificate was not installed due to the error : system failure: XXXXX ERROR: Invalid Certificate Chain:
root@mail:/tmp# /opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/ commercial/commercial.key /tmp/manascmail_com.crt
** Verifying /tmp/manascmail_com.crt against /opt/zimbra/ssl/zimbra/commercial/c ommercial.key
Certificate (/tmp/manascmail_com.crt) and private key (/opt/zimbra/ssl/zimbra/co mmercial/commercial.key) match.
Error loading file /opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt
19555:error:02001002:system library:fopen:No such file or directory:bss_file.c:1 26:fopen('/opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt','r')
19555:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:
19555:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system li b:by_file.c:274:
It seems obvious that the second error explains the invalid chain error, but I don't understand how I can generate a commercial_ca.crt.
We are using Zimbra Release 6.0.1_GA_1816.UBUNTU8_64 UBUNTU8_64 FOSS edition.
The new certificate has a 5 year validity.
Zimbra was upgraded since the last certificate installation.
Thanks for any input on this matter :-)