Hello,

I am attempting to install a GoDaddy cert with my (otherwise wonderful) Zimbra setup.


First I am generating a csr and key with openssl -

Code:
[root@cloud3:~/certs ] #:openssl genrsa -des3 -out cloud3.key 2048
Generating RSA private key, 2048 bit long modulus
...................................................................................+++
.........+++
e is 65537 (0x10001)
Enter pass phrase for cloud3.key:
6293:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:849:You must type in 4 to 8191 characters
Enter pass phrase for cloud3.key:
6293:error:28069065:lib(40):UI_set_result:result too small:ui_lib.c:849:You must type in 4 to 8191 characters
Enter pass phrase for cloud3.key:
Verifying - Enter pass phrase for cloud3.key:
Code:
[root@cloud3:~/certs ] #:openssl req -new -key cloud3.key -out cloud3.csr 
Enter pass phrase for cloud3.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:NJ
Locality Name (eg, city) []:Summit
Organization Name (eg, company) [Internet Widgits Pty Ltd]:The Jiffy Cloud!
Organizational Unit Name (eg, section) []:Zimbra
Common Name (eg, YOUR name) []:cloud3.jiffycloud.com
Email Address []:bluethundr@gmail.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
All pretty standard.

Then I verify the cert with the appropirate zimbra command:

Code:
[root@cloud3:~/certs ] #:/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/cloud3.key ./cloud3.newdom.com.crt ./gd_bundle.crt
** Verifying ./cloud3.newdom.com.crt against /opt/zimbra/ssl/zimbra/commercial/cloud3.key
Enter pass phrase for /opt/zimbra/ssl/zimbra/commercial/cloud3.key:
Certificate (./cloud3.newdom.com.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/cloud3.key) match.
Valid Certificate: ./cloud3.newdom.com.crt: OK

But when I try to deploy the cert I get this error:

Code:
[root@cloud3:~/certs ] #:/opt/zimbra/bin/zmcertmgr deploycrt comm ./cloud3.newdom.crt ./gd_bundle.crt
** Verifying ./cloud3.newdom.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
XXXXX ERROR: Can't find private key  /opt/zimbra/ssl/zimbra/commercial/commercial.key  
XXXXX ERROR: provided cert isn't valid.
I made sure to key the cloud3.crt file with the CSR generated above.

It appears to be looking for commercial.key when I need to be using cloud3.key

Suggestions?