Results 1 to 6 of 6

Thread: SSL Certificate install in a few easy steps. (with one minor problem)

  1. #1
    Join Date
    Nov 2007
    Posts
    17
    Rep Power
    7

    Talking SSL Certificate install in a few easy steps. (with one minor problem)

    I setup a demo server to test my ssl cert install before going live. It was easy but I do not know how to update postfix to use the cert if this is required. My test box does not send e-mail so I can only test the web interface.

    sudo /etc/init.d/zimbra stop
    keytool -import -trustcacerts -alias root -file TrustedRoot.crt -keystore keystore.key
    keytool -import -trustcacerts -alias digicert -file DigiCertCA.crt -keystore keystore.key
    keytool -import -trustcacerts -alias tomcat -file star_example_org.crt -keystore keystore.key

    vi server.xml
    (make edit below)
    clientAuth="false" sslProtocol="TLS" keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="blabla"/>

    cp /root/ssl/server.key /opt/zimbra/tomcat/conf/
    chown zimbra server.key
    chgrp zimbra server.key

    su zimbra
    zmcontrol start


    Can someone test this to see if any other updates are required.

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Welcome to the forums.

    I assume this is a commercial certificate? Did you follow the instructions in the wiki here or here?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Nov 2007
    Posts
    17
    Rep Power
    7

    Default

    I looked at the wiki but it seems very complex compared to my instructions.

  4. #4
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    Quote Originally Posted by webaj View Post
    It was easy but I do not know how to update postfix to use the cert if this is required.
    Hi webaj & welcome to the forums,
    Those wiki articles have been proven time and time again - furthermore it even tells you exactly what you're asking in this section: Extract the private key for use with postfix, perdition, ldap - Commercial Certificates - Zimbra :: Wiki

  5. #5
    Join Date
    Nov 2007
    Posts
    17
    Rep Power
    7

    Default

    I found typos with the wiki and it made me think it was out of date.

    Commercial Certificates/Alternate Commercial SSL Cert HOWTO - Zimbra :: Wiki

    EX.
    h=cert.key
    openssl rsa -in $h.key -out $h.key.live

    gives you a file named cert.key.key and cert.key.key.live

  6. #6
    Join Date
    Nov 2007
    Posts
    17
    Rep Power
    7

    Default

    Quote Originally Posted by mmorse View Post
    Hi webaj & welcome to the forums,
    Those wiki articles have been proven time and time again - furthermore it even tells you exactly what you're asking in this section: Extract the private key for use with postfix, perdition, ldap - Commercial Certificates - Zimbra :: Wiki
    I found typos with the wiki and it made me think it was out of date.

    Commercial Certificates/Alternate Commercial SSL Cert HOWTO - Zimbra :: Wiki

    EX.
    h=cert.key
    openssl rsa -in $h.key -out $h.key.live

    gives you a file named cert.key.key and cert.key.key.live

Similar Threads

  1. Install a commercial SSL certificate ??
    By nick20 in forum Installation
    Replies: 6
    Last Post: 06-23-2010, 03:08 AM
  2. Certificate Change Kicks Moto Q off of SSL Synch
    By theasbcguy in forum Zimbra Mobile
    Replies: 3
    Last Post: 04-14-2008, 12:01 PM
  3. Replies: 1
    Last Post: 11-05-2007, 05:55 PM
  4. Replies: 21
    Last Post: 09-27-2007, 11:49 AM
  5. SSL certificate format problems
    By didde in forum Installation
    Replies: 0
    Last Post: 07-02-2007, 11:03 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •