To install a commercial certificate, e.g. from StartCom (StartSSL), proceed.

  • Be sure to have a proper backup!
  • Change the paths to reflect your environment!
  • If something bad happens, it’s not my fault!

Steps required to put a StartSSL certificate into Zimbra ZCS:

# TODO fix paths first!!!
wget https://www.startssl.com/certs/ca.pem -O /tmp/startcom-ca.pem
wget https://www.startssl.com/certs/sub.class1.server.ca.pem -O /tmp/startcom-sub.class1.server.ca.pem
cat /tmp/startcom-ca.pem /tmp/startcom-sub.class1.server.ca.pem > /tmp/ca_bundle.crt
cp /path/to/your/cert/yourcert.crt /tmp/ssl.crt
cp /path/to/your/cert/yourcert.key /opt/zimbra/ssl/zimbra/commercial/commercial.key
cd /opt/zimbra/bin
./zmcertmgr deploycrt comm /tmp/ssl.crt /tmp/ca_bundle.crt
/opt/zimbra/java/bin/keytool -import -alias new -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /opt/zimbra/ssl/zimbra/commercial/commercial.crt
rm /tmp/ssl.crt
rm /tmp/ca_bundle.crt
sudo -u zimbra /opt/zimbra/bin/zmcontrol stop
sudo -u zimbra /opt/zimbra/bin/zmcontrol start

Good luck!

Benjamin Wiedmann

Benjamin Wiedmann is an IT Professional, Software Developer, Photograph and Musician. Read more...

More Posts - Website

Follow Me:
TwitterLinkedInGoogle Plus


Benjamin Wiedmann

Benjamin Wiedmann is an IT Professional, Software Developer, Photograph and Musician. Read more...

0 Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.