Difference between revisions of "Zimbra tls certificates"

From UVOO Tech Wiki
Jump to navigation Jump to search
(Created page with "Include on certbot ``` --preferred-chain "ISRG Root X1" --force-renewal ``` ``` wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt cat /tmp/ISRG-X1.pe...")
 
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
Include on certbot
+
## Error
 +
```
 +
        Starting ldap...Done.
 +
Unable to start TLS: SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed when connecting to ldap master.
 +
```
 +
 
 +
Include on certbot might be needed
 +
- https://wiki.zimbra.com/wiki/Installing_a_LetsEncrypt_SSL_Certificate
 
```
 
```
 
--preferred-chain "ISRG Root X1" --force-renewal
 
--preferred-chain "ISRG Root X1" --force-renewal
 
```
 
```
 +
 +
- commercial.crt
 +
- commercial.key
 +
- commerical.chain.pem
 +
- Not sure if you can use full chain
  
 
```
 
```
 +
cp * /opt/zimbra/ssl/zimbra/commercial/
 
  wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
 
  wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
cat /tmp/ISRG-X1.pem >> /opt/zimbra/ssl/zimbra/commercial/chain.pem
+
cat /tmp/ISRG-X1.pem >> /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/zimbra/ss
+
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
l/zimbra/commercial/cert.pem /opt/zimbra/ssl/zimbra/commercial/chain.pem
+
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
  
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/cert.pem /opt/zimbra/ssl/zimbra/commercial/chain.pem
+
zmcontrol restart
  
zmcontrol restart
 
  
 
```
 
```

Latest revision as of 20:13, 26 May 2024

Error

        Starting ldap...Done.
Unable to start TLS: SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed when connecting to ldap master.

Include on certbot might be needed - https://wiki.zimbra.com/wiki/Installing_a_LetsEncrypt_SSL_Certificate 

--preferred-chain "ISRG Root X1" --force-renewal
  • commercial.crt
  • commercial.key
  • commerical.chain.pem
  • Not sure if you can use full chain
cp * /opt/zimbra/ssl/zimbra/commercial/
 wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
cat /tmp/ISRG-X1.pem >> /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.crt /opt/zimbra/ssl/zimbra/commercial/commercial.chain.pem

zmcontrol restart
Retrieved from "https://tech.uvoo.io/index.php?title=Zimbra_tls_certificates&oldid=5276"