How to deploy wildcard SSL certificate on Zimbra




To deploy the wildcard SSL certificate below are the following steps:
  • The initial file (.key) which is used for the SSL is CSR file which is generated on the server. But in case of wild card the CSR file can be generated on any server
  • The certificate file (.crt ) is the main file of the SSL of the desired domain name
  • The CA Intermediate and root files must be merged into one file (.crt)
  • These three files will be used in the deployment and configuration of SSL certificates
  • I purchase my certificate from the COMODO SSL vendor and got six certificate files,create a dir in /tmp named ssl and move these certificates
       #mkdir /tmp/ssl
AddTrustExternal 
CARoot.crt 
domain_name.key 
COMODORSAAddTrustCA.crt 
COMODORSADomainValidationSecureServerCA.crt 
ssl-bundle.crt 
STAR_domain_name_com.crt
  • Rename the domain_name.key  file name to commercial.key and moved to the path /opt/zimbra/ssl/zimbra/commercial
  • All these certificates are merged into ssl-bundle.crt except the main certificate (STAR_domain_name_com.crt)
  • Before the validation process rename the ssl-bundle.crt to ca_chain.crt 
  • In the validation process of the SSL certificate run the below command
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /tmp/ssl/STAR_domain_name_com.crt /tmp/ssl/ca_chain.crt


  •  To deploy the SSL certificate run the below command with root user
    /opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/ssl/STAR_domain_name_com.crt /tmp/ssl/ca_chain.crt



  • Restart the zimbra email sever with zimbra user
     #su - zimbra
     #zmcontrol restart
  • We can also verify the certificates that are deployed
     /opt/zimbra/bin/zmcertmgr viewdeployedcrt





Comments

  1. I got this site from my pal who told me concerning this
    website and at the moment this time I am browsing this web page and reading very informative posts at this time.

    ReplyDelete

Post a comment

Please give your review or ask question ?