Zimbra: update ssl certificate Using the CLI


As example you bought comodo ssl cert and received 2 zip archives.

Unpack STAR.my_domain_com_cert and STAR.my_domain_com_key

Copy private key to /opt/zimbra/ssl/zimbra/commercial folder/

cp STAR.my_domain_com_key.txt /opt/zimbra/ssl/zimbra/commercial/commercial.key

copy STAR.my_domain_com.ca-bundle to /tmp folder

cp STAR.my_domain_com.ca-bundle /tmp/commercial_ca.crt

copy domain cert to /tmp folder

cp STAR.my_domain_com.crt /tmp/commercial.crt

Check under non-root user that your SSL certificate, your private key and the Intermediate CA are OK, this step is important and you should not continue if you receive an error here

/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /tmp/commercial.crt /tmp/commercial_ca.crt 

Deploy the commercial certificate with zmcertmgr as the non-root user

/opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/commercial.crt /tmp/commercial_ca.crt

Restart the Zimbra Services

zmcontrol restart