Install SSL on Zimbra Mail

This tutorial helps you setup SSL on Zimbra Mail.

Zimbra-SSL_opt

Step 1 Install SSL Packages using following command:

# yum install mod_ssl openssl

Step 2 First we generate csr and key file using below command:

# openssl req -new -newkey rsa:2048 -nodes -keyout techoism.key -out techoism.csr
Generating a 2048 bit RSA private key

And fill below information:

Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:California
Locality Name (eg, city) [Default City]:San Jose
Organization Name (eg, company) [Default Company Ltd]:Techoism Ltd.
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:Techoism
Email Address []:dennis.R@techoism.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Step 3 We need to Download Root CA and Intermediate CA certificate from DigiCert.

Step 4 Next, we need to Merge DigiCert CA bundle, Root CA and Intermediate CA Certificate and Replace DigiCert CA bundle with merge file.

Step 5 Replace new certificate name with previous certificate name

Step 6 Run the following command to validate the certificate chain:

# /opt/zimbra/openssl/bin/openssl verify -CAfile commercial_ca.crt RootCA.crt

Step 7 Once the certificate chain is validated, you can run the following command to enable the new certificate for use:

# /opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt commercial_ca.crt

Step 8 Run the following command to restart the zimbra service:

# /etc/init.d/zimbra restart

@Note: Default location of SSL in Zimbra “/opt/zimbra/ssl/zimbra/

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.