Results 1 to 7 of 7

Thread: Commercial SSL certtificate installation

  1. #1
    Join Date
    Nov 2005
    Posts
    13
    Rep Power
    10

    Default Commercial SSL certtificate installation

    Can anyone point me to a list of the steps required to install a commercial SSL certificate? I would like to install a wildcard SSL cert that we obtained from GoDaddy.

    GoDaddy has options to select a certificate type. I chose 'tomcat'. Is this correct? Can I use the same cert for the MTA etc?

  2. #2
    Join Date
    Jan 2006
    Posts
    88
    Rep Power
    9

    Default Cert Installation Question

    I am also unclear as to how to install a certificate in zimbra.

    I have a certificate intended for a webserver, that I had created for zimbra.raydiance-inc.com. Provided by GeoTrust.

    I have the server.crt and the server.crt.key files, which contain the public and private key's respectively. How can I install these.

    The admin.pdf guide makes mention of the zmcertinstall command, but in reference to self signed certificate installation.

    My ultimate goal is to provide SSL encryption for IMAP/POP3/SMTP and the webgui.
    Last edited by jonnyRo; 02-13-2006 at 08:31 AM.

  3. #3
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    You can use zmcertinstall to do this. Just point to your .crt and .key file. Run it once for mta and once for mailbox.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  4. #4
    Join Date
    Jan 2006
    Posts
    88
    Rep Power
    9

    Default Small problem, worked for mta but not for mailbox

    I get this error when running it for mailbox.

    zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key
    ** Importing server cert

    keytool error: java.lang.Exception: Public keys in reply and keystore don't match
    [zimbra@zimbra ~]$

  5. #5
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default cert install

    Quote Originally Posted by jonnyRo
    I get this error when running it for mailbox.

    zmcertinstall mailbox ssl/ssl/server/server.crt ssl/ssl/server/server.key
    ** Importing server cert

    keytool error: java.lang.Exception: Public keys in reply and keystore don't match
    [zimbra@zimbra ~]$
    Are server.crt and server.key the files for your "real" cert? Not your self-signed cert?

    You'll need to delete the tomcat cert, first, since it appears to be trying to match it up with the csr that's in there:
    keytool -delete -keystore /opt/zimbra/tomcat/conf/keystore -alias tomcat

    Then try the certinstall

  6. #6
    Join Date
    Jan 2006
    Posts
    88
    Rep Power
    9

    Default Keystore password?

    It asks me for the keystore password when I go to delete it. Is there an easy way to find out what this password is? Perhaps it's somewhere in the LDAP database.

  7. #7
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default keystore

    Quote Originally Posted by jonnyRo
    It asks me for the keystore password when I go to delete it. Is there an easy way to find out what this password is? Perhaps it's somewhere in the LDAP database.
    keystore pass is "zimbra"

Similar Threads

  1. Install a commercial SSL certificate ??
    By nick20 in forum Installation
    Replies: 6
    Last Post: 06-23-2010, 04:08 AM
  2. Installing commercial ssl on zimbra cs (network ed.)
    By keithop in forum Administrators
    Replies: 4
    Last Post: 04-28-2009, 05:16 PM
  3. Commercial SSL Certificates and IMAP/POP
    By manthrax3 in forum Administrators
    Replies: 8
    Last Post: 10-27-2007, 05:43 PM
  4. Replies: 2
    Last Post: 03-25-2007, 10:40 PM
  5. Question installing commercial SSL cert
    By jigi in forum Administrators
    Replies: 0
    Last Post: 02-13-2006, 12:29 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •