Install a SSL Certificate on Zimbra 8 and Ubuntu Server 12.04 LTS

Source: Zimbra Wiki

I bought a commercial SSL certificate and wanted to install it on the Zimbra server. This method uses Zimbra’s zmcertmgr in terminal. First create a csr and get your SSL certificate:

openssl req -nodes -newkey rsa:2048 -keyout server.key -out server.csr

If the intemediary CA and root CA’s came in separate, files combine them. I was using Comodo’s Positive SSL certificates. In Ubuntu terminal,

cat PositiveSSLCA2.crt AddTrustExternalCARoot.crt  > ca_chain.crt

Next, I renamed the server’s SSL certificate to commercial.crt and then verified server’s certificate with the following command:

/opt/zimbra/openssl/bin/openssl verify -CAfile ca_chain.crt commercial.crt

And finally, install the certificate using zmcertmgr

/opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt ca_chain.crt

You can verify that the installation was successful with the following command:

 /opt/zimbra/bin/zmcertmgr viewdeployedcrt

If everything looks okay, restart Zimbra.

zmcontrol restart

Update for Zimbra 8.5

http://wiki.zimbra.com/wiki/Installing_a_GeoTrust_Commercial_Certificate

You need to use the Zimbra’s tool for generating the CSR, or else the private key used in ZCS won’t match.

Blog

by Alex Kuo

Install a SSL Certificate on Zimbra 8 and Ubuntu Server 12.04 LTS

Update for Zimbra 8.5