The following instructions will guide you through the SSL Certificate installation process on a Zimbra Mail Server. If you have more than one server or device, you will need to install the certificate on each server or device you need to secure.
You can install your SSL Certificate in two ways:
A. Zimbra Administration Console – Web Interface
B. Zimbra Certificate Manager – Command Line Interface (CLI)
sudo su su zimbraOnce the user is switched to the Zimbra user, restart the services using following command:
zmcontrol restartThat's it. Your certificate is now successfully installed on your Zimbra server.
The Zimbra package comes with "zmcertmgr" tool for handling SSL Certificates.
For Version 8.6 or lower, this tool must be accessed as root. If you have version 8.7 or later, you should run this tool as a zimbra user. Run the command below to switch from the default user to a zimbra user.
sudo su su zimbra
cat /tmp/ca_intermediary.crt /tmp/root_ca.crt > /tmp/ca_chain.crt
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/server_domain_com.crt /opt/server_domain_com.ca-bundle
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/server_domain_com.crt /opt/server_domain_com.ca-bundle
sudo su su zimbraOnce the default user is switched to the Zimbra user, run the following command to restart the server:
Your certificate is now installed. You can navigate to your site in a web browser and view the certificate/site information to verify if HTTPS/SSL is working properly.