Since I started using Zimbra close to two years ago, I have had a challenge getting commercial certs to work. Since this is a small server that only supports about 10 users (open source edition) I never spent too much time on the errors and stuck to the self signed certs.
Recently I decided it was time to get legit about it and make the commercial certs work. I have some motivation in that I want to sync with google calendars, I want to use the java mobile app, etc ...
I started by generating a CSR using the admin gui. I submitted that CSR to GoDaddy and they sent back a zip with 4 files. I used the GUI to upload mail.mydomain.com.crt and it said it installed successfully. However thats where the success ended.
Apple's Maill.app complained that the cert was untrusted (as did the iPhone) and firefox still showed the webmail using the self signed cert. I did some diffing and found a thread that discussed the order to upload the files. Some have suggested that I should see multiple fields to upload multiple files - thats not the case with my install:
I then tried to follow these instructions:
Commercial Certificates - Zimbra :: Wiki
I did all the keytool commands under the godaddy section, thinking it maybe the root CA and intermediate certs were missing - they executed fine, but after a reboot nothing has changed.
what am I missing? I'd added certs to all kinds of servers before and never had this kind of confusion or frustration. Every doc suggests a different way to do things.
Thanks in advance!
edited to add: I know the wiki I linked to above is not for 5.x but I wanted to try it.
I've tried to follow Commercial Certificate in 5.x - Zimbra :: Wiki
which suggests the need to concatenate the files... it sounds easy, but there is a lot of room for error there.
Is it simply a matter of doing a: cat rootca.crt >> commercial.crt ; cat intermediate.crt >> commercial.crt .....
or do I need to remove the ____begin certificate__ lines?