To deploy the wildcard SSL certificate below are the following steps:
- The initial file (.key) which is used for the SSL is CSR file which is generated on the server. But in case of wild card the CSR file can be generated on any server
- The certificate file (.crt ) is the main file of the SSL of the desired domain name
- The CA Intermediate and root files must be merged into one file (.crt)
- These three files will be used in the deployment and configuration of SSL certificates
- I purchase my certificate from the COMODO SSL vendor and got six certificate files,create a dir in /tmp named ssl and move these certificates
#mkdir /tmp/ssl
AddTrustExternal
CARoot.crt
domain_name.key
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
ssl-bundle.crt
STAR_domain_name_com.crt
- Rename the domain_name.key file name to commercial.key and moved to the path /opt/zimbra/ssl/zimbra/commercial
- All these certificates are merged into ssl-bundle.crt except the main certificate (STAR_domain_name_com.crt)
- Before the validation process rename the ssl-bundle.crt to ca_chain.crt
- In the validation process of the SSL certificate run the below command
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /tmp/ssl/STAR_domain_name_com.crt /tmp/ssl/ca_chain.crt
- To deploy the SSL certificate run the below command with root user
/opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/ssl/STAR_domain_name_com.crt /tmp/ssl/ca_chain.crt
- Restart the zimbra email sever with zimbra user
#su - zimbra
#zmcontrol restart
- We can also verify the certificates that are deployed
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
I got this site from my pal who told me concerning this
ReplyDeletewebsite and at the moment this time I am browsing this web page and reading very informative posts at this time.