Results 1 to 6 of 6

Thread: Comodo SSL Certificate installation

Hybrid View

  1. #1
    Join Date
    Nov 2009
    Posts
    102
    Rep Power
    5

    Default Comodo SSL Certificate installation

    I created a CSR through the admin console and submitted it to Comodo for my SSL cert. I imported all 5 files they sent to me through the admin console, using Comodo's description of the file to choose the correct files for the roles.

    The web console then tells me I need to restart to take effect. I restart the services via zmcontrol, but the new cert never takes place. When I view the certificates on the machines, the one issued by Zimbra is still there.

    Where can I look to get more information on where this is failing?
    Release 7.1.4_GA_2555.RHEL5_64_20120105094627 CentOS5_64 FOSS edition.

  2. #2
    Join Date
    Nov 2009
    Posts
    102
    Rep Power
    5

    Default

    I followed the steps on this page: Old: Zimbra: Setup SSL Certificate on Zimbra Version 6.x: 7
    New: http://www.linuxnet.ch/zimbra-setup-...a-version-6-x/

    and I cat'ed the certs per this page:

    Installing a Comodo SSL Certificate on ZCS 5.0.x - Zimbra :: Wiki

    The cert now shows up in the admin panel, however I now get this in Zimbra Desktop:
    Code:
    Invalid or untrusted server SSL certificate (details)
    
    proxy.ics-il.com presented a certificate that cannot be verified.
    
    Certificate Issued To 	
    Common Name (CN) 	*.ics-il.net
    Organization Unit (OU) 	EssentialSSL Wildcard
    Organization (O) 	
    Serial Number 	B8BF31330129641734C701EAC8CED0D2
    Certificate Issued By 	
    Common Name (CN) 	EssentialSSL CA
    Organization Unit (OU) 	
    Organization (O) 	COMODO CA Limited
    Certificate Validity 	
    Issued On 	Wed Mar 07 18:00:00 CST 2012
    Expires On 	Sun Mar 08 18:59:59 CDT 2015
    Certificate Fingerprints 	
    SHA1 Fingerprint 	B5C8BE32B1241FDD66FE2DDE9AFF80BA409CC010
    MD5 Fingerprint 	9ACA62B83ED0D33F24E5345452FE41D3
    Last edited by mhammett; 03-20-2013 at 02:17 PM.
    Release 7.1.4_GA_2555.RHEL5_64_20120105094627 CentOS5_64 FOSS edition.

  3. #3
    Join Date
    Nov 2009
    Posts
    102
    Rep Power
    5

    Default

    The webmail shows a green lock, indicating everything is okay.
    Release 7.1.4_GA_2555.RHEL5_64_20120105094627 CentOS5_64 FOSS edition.

  4. #4
    Join Date
    Nov 2009
    Posts
    102
    Rep Power
    5

    Default

    Well, after waiting some time, clients seem to be okay with the situation now. I'm not sure why it works now when it didn't before.
    Release 7.1.4_GA_2555.RHEL5_64_20120105094627 CentOS5_64 FOSS edition.

  5. #5
    Join Date
    Nov 2009
    Posts
    102
    Rep Power
    5

    Default

    Okay, it works on iOS Mail, Zimbra Desktop, Outlook, Windows Live Mail and Windows Mail.

    I can't get it to work on Android. Clues of where to look for troubleshooting information?
    Release 7.1.4_GA_2555.RHEL5_64_20120105094627 CentOS5_64 FOSS edition.

  6. #6
    Join Date
    Nov 2009
    Posts
    102
    Rep Power
    5

    Default

    Per the advice on this page: Dealing with lengthy SSL certificate chains « #!/bin/blog

    I checked the order of my certificates and put them in the right order:

    Code:
    Certificate chain
     0 s:/OU=Domain Control Validated/OU=EssentialSSL Wildcard/CN=*.ics-il.net
       i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=EssentialSSL CA
     3 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=EssentialSSL CA
       i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority
     2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority
       i:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC
     4 s:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC
       i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
     1 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
       i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
    Thus far, this seems resolved.
    Release 7.1.4_GA_2555.RHEL5_64_20120105094627 CentOS5_64 FOSS edition.

Similar Threads

  1. Replies: 1
    Last Post: 04-16-2013, 09:07 AM
  2. installation of wildcard SSL certificate
    By dgsohard in forum Administrators
    Replies: 1
    Last Post: 06-15-2012, 10:16 AM
  3. Replies: 2
    Last Post: 03-31-2011, 11:01 AM
  4. Doubts about the commercial SSL certificate installation
    By clark kent in forum Installation
    Replies: 6
    Last Post: 02-14-2011, 10:26 AM
  5. SSL certificate installation fails
    By TheInfinity in forum Administrators
    Replies: 0
    Last Post: 12-09-2010, 03:06 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •