Difference between revisions of "Zimbra tls certificates"

From UVOO Tech Wiki
Jump to navigation Jump to search
Line 1: Line 1:
 +
## Error
 +
```
 +
        Starting ldap...Done.
 +
Unable to start TLS: SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed when connecting to ldap master.
 +
```
 +
 
Include on certbot might be needed
 
Include on certbot might be needed
 
- https://wiki.zimbra.com/wiki/Installing_a_LetsEncrypt_SSL_Certificate
 
- https://wiki.zimbra.com/wiki/Installing_a_LetsEncrypt_SSL_Certificate
Line 16: Line 22:
 
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
 
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
 
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
 
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
 +
 +
/opt/zimbra/bin/zmcertmgr deploycrt comm
  
 
zmcontrol restart
 
zmcontrol restart
 +
  
 
```
 
```

Revision as of 20:13, 26 May 2024

Error

        Starting ldap...Done.
Unable to start TLS: SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed when connecting to ldap master.

Include on certbot might be needed - https://wiki.zimbra.com/wiki/Installing_a_LetsEncrypt_SSL_Certificate 

--preferred-chain "ISRG Root X1" --force-renewal
  • commercial.crt
  • commercial.key
  • commerical.chain.pem
  • Not sure if you can use full chain
cp * /opt/zimbra/ssl/zimbra/commercial/
 wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
cat /tmp/ISRG-X1.pem >> /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem

/opt/zimbra/bin/zmcertmgr deploycrt comm

zmcontrol restart
Retrieved from "https://tech.uvoo.io/index.php?title=Zimbra_tls_certificates&oldid=5275"