News, Information and Resources about SSL Certificates
Authorized Reseller

Generate CSR and Install an SSL Certificate on Zimbra

Follow the step by step instructions to generate a CSR and Install SSL certificate on Zimbra.

As a collaborative software, Zimbra involves email server and web client along with this software allows users to keep control of their server security and privacy. The software consists of client components, server components and desktop client.
ssl2buy $9

In this article, we will focus on installation of SSL certificate on Zimbra, which is a software suite comprising an email server, desktop client, and web client components. Following below steps that will help you to install SSL certificate on Zimbra.

Generate the CSR On Zimbra

Before installing an SSL certificate on your Zimbra server, you must need certificate signing request (CSR). Follow the instructions to generate a CSR on Zimbra.

  • Login into Zimbra as a root privilege and provide information in following example command. /opt/zimbra/bin/zmcertmgr createcsr comm -new “/C=US/ST=Utah/L=Lehi/O=Company Inc/OU=Department/”



Information Description Examples
CN Common Name
O Organization Name BusinessName LLC
OU Department IT Department
L City/Locality Forest Hills
ST State/Province New York
C Two digit country code US
  • After running the above command, you will get CSR at location: /opt/zimbra/ssl/zimbra/commercial/commercial.csr

Extract and store the certificates

Once you complete the SSL certificate process, the SSL provider sends a zip file on your email address. Extract all three certificates: Root certificate, Intermediate certificate and the Primary certificate and store all three files on the selected server location.

Create PEM File

To create PEM file, combine all these three files. Copy & paste the content of the data in a new text file with name “commercial.crt”.

Note: Please note that you must copy and paste the files in sequence like primary certificate (your_domain_name.crt), intermediate certificate (your CA.crt) and root certificate (trustedroot.crt). Add BEGIN, and END tags in the certificate content.

Install SSL Certificate On Zimbra

  • Find “commercial.crt” file on “/opt/zimbra/ssl/zimbra/commercial/” and open it with text editor.
  • Open primary certificate file (your_domain_name.crt), copy & paste the content in “commercial.crt” file.
  • Open the intermediate and root certificate files, copy & paste the content in a new file named “commercial_ca.crt” and save it at “/opt/zimbra/ssl/zimbra/commercial/”.
  • The output of “commercial.crt” text files will look like this:
(Your Intermediate certificate) 
(Your Root certificate) 

Validate the Certificate Chain

Now you have to run the following command to confirm the certificate chain.

/opt/zimbra/openssl/bin/openssl verify -CAfile commercial_ca.crt commercial.crt

Enable New Certificate

Once your certificate chain is validated, you have to enable your SSL certificate with the following command.

/opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt commercial_ca.crt

Once an SSL certificate is configured on your Zimbra Server, you should check the certificate information using our SSL certificate installation checker tool that will help you to analyze SSL issues.

Related Articles:

About the Author

Pratik Jogi

Pratik Jogi is a cybersecurity visionary with an Electronics & Communications Engineering degree. He holds esteemed certifications like Microsoft MCSE and MVP. With over two decades dedicated to defending the digital frontier, his expertise in Server, Network, and Cyber Security reflects a genuine commitment to secure digital landscapes against emerging threats.