This issue is still ongoing and I am getting reasonably dissatisfied with the support I am getting, so I've started trying to troubleshoot by myself some more.
I've noticed that when I run openssl s_client -showcerts -connect mx.trinity.edu.au:443 I get a verify error as follows:
If someone else is running Zimbra on port 443 with an external certificate, can you try the same command and tell me if you're also getting this error?
depth=2 /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
verify error:num=19:self signed certificate in certificate chain
I'm wondering if something in my certificate setup is bad (we should be running entirely on an external ssl cert, not self-signed) and Firefox 2.x is not liking it for some reason.
I guess the gentleman in Zimbra support who has my case can wait a little longer as Firefox 3.0 beta 5 doesn't have any issues connecting, and by the time I get some assistance, it may have been released.
(Don't get me wrong - I really like Zimbra, I'm just pretty appalled that 3+ months after logging this case, I'm being asked for answers to questions that were answered in my original problem description when the case was logged. As someone who worked as a tier 3 technical support person for a large company who specialised in multiplatform Internet server technology solutions, I know that I'd never have let a support ticket flounder like this).