We just upgraded one of our Zimbra servers from 4.5.11 to 5.0.4, and like others who have posted here, the GoDaddy commercial certificates failed to be incorporated as part of the upgrade.
The good news (I hope) is that we did the upgrade by going from 32-bit SuSE ES9 on one server to 64-bit SuSE ES10 on a second server, so the original SLES9 server is still there, along with all the csr files, certificate bundles, etc. (FWIW We did the upgrade by following the Zimbra Certified 32-bit to 64-bit migration document, and then just upgrading 4.5.11 on the new server to 5.0.4.)
I've read through a lot of bug reports and forum posts in the past few hours on this, and no one else's scenario quite matches ours, hence, this post.
The 5.0.4 Install Certificate Wizard is nice, but it won't let me install a certificate if I didn't use the wizard to generate a csr.
Perhaps there is a way I can "fool" the Wizard by copying the csr file from the old server to the new one?
The wiki article on CLI certificate installs looks promising, but is not clear to me how to concatenate the various GoDaddy files, nor in which order. There is a forum post about the concatenation not putting in a proper CRLF, and enough other posts indicating that messing up certs can be a bear to fix.
So, I'm more keen to "measure twice and cut once" rather than experiment!
The output of:
keytool -list -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`
shows four certificates: root, cross, intermed and our server's. But the admin UI shows only the two Zimbra self-signed certs (MTA and LDAP).
Any takers on a Sunday with nothing better to do? :-)
With best regards to all,