Generate CSR and Install an SSL Certificate on Zimbra

Follow the step by step instructions to generate a CSR and Install SSL certificate on Zimbra.

As a collaborative software, Zimbra involves email server and web client along with this software allows users to keep control of their server security and privacy. The software consists of client components, server components and desktop client.

In this article, we will focus on installation of SSL certificate on Zimbra, which is a software suite comprising an email server, desktop client, and web client components. Following below steps that will help you to install SSL certificate on Zimbra.

Generate the CSR On Zimbra

Before installing an SSL certificate on your Zimbra server, you must need certificate signing request (CSR). Follow the instructions to generate a CSR on Zimbra.

Login into Zimbra as a root privilege and provide information in following example command. /opt/zimbra/bin/zmcertmgr createcsr comm -new “/C=US/ST=Utah/L=Lehi/O=Company Inc/OU=Department/CN=your.domain.com”

Where:

Information	Description	Examples
CN	Common Name	www.example.com shop.example.com *.example.com
O	Organization Name	BusinessName LLC
OU	Department	IT Department
L	City/Locality	Forest Hills
ST	State/Province	New York
C	Two digit country code	US

Information

Description

Examples

Common Name

www.example.com
shop.example.com
*.example.com

Organization Name

BusinessName LLC

Department

IT Department

City/Locality

Forest Hills

State/Province

New York

Two digit country code

After running the above command, you will get CSR at location: /opt/zimbra/ssl/zimbra/commercial/commercial.csr

Extract and store the certificates

Once you complete the SSL certificate process, the SSL provider sends a zip file on your email address. Extract all three certificates: Root certificate, Intermediate certificate and the Primary certificate and store all three files on the selected server location.

Create PEM File

To create PEM file, combine all these three files. Copy & paste the content of the data in a new text file with name “commercial.crt”.

Note: Please note that you must copy and paste the files in sequence like primary certificate (your_domain_name.crt), intermediate certificate (your CA.crt) and root certificate (trustedroot.crt). Add BEGIN, and END tags in the certificate content.

Install SSL Certificate On Zimbra

Find “commercial.crt” file on “/opt/zimbra/ssl/zimbra/commercial/” and open it with text editor.
Open primary certificate file (your_domain_name.crt), copy & paste the content in “commercial.crt” file.
Open the intermediate and root certificate files, copy & paste the content in a new file named “commercial_ca.crt” and save it at “/opt/zimbra/ssl/zimbra/commercial/”.
The output of “commercial.crt” text files will look like this:

-----BEGIN CERTIFICATE----- 
(Your Intermediate certificate) 
-----END CERTIFICATE----- 
-----BEGIN CERTIFICATE----- 
(Your Root certificate) 
-----END CERTIFICATE-----

Validate the Certificate Chain

Now you have to run the following command to confirm the certificate chain.

/opt/zimbra/openssl/bin/openssl verify -CAfile commercial_ca.crt commercial.crt

Enable New Certificate

Once your certificate chain is validated, you have to enable your SSL certificate with the following command.

/opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt commercial_ca.crt

Once an SSL certificate is configured on your Zimbra Server, you should check the certificate information using our SSL certificate installation checker tool that will help you to analyze SSL issues.

Related Articles:

Trusted by Millions

SSL2BUY delivers highly trusted security products from globally reputed top 5 Certificate Authorities. The digital certificates available in our store are trusted by millions – eCommerce, Enterprise, Government, Inc. 500, and more.