Let’s Encrypt must be installed on one Linux machine to obtain the proper SSL Certificate, CA Intermediate, and Private Key. It is not required that it be on the same Zimbra Server, but it could save time and help to obtain the renewals, etc.
First Step is to stop the jetty or nginx service at Zimbra level
zmproxyctl stop
zmmailboxdctl stop
Second step is to Install git on the Server (apt-get install git/yum install git), and then do a git clone of the project on the folder we wantNote: On RedHat/CentOS 6 you will need to enable the EPEL repository before install.
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
Let’s now run Let’s Encrypt in auto mode and use the certonly option, because for now the project can’t automatically install the cert on Zimbra servers.
root@zimbra86:~/tmp/letsencrypt# ./letsencrypt-auto certonly --standalone
If you need to have multiple hostnames on the same SSL, so a Multi-SAN, SSL, please run instead, where -d are your domains:
root@zimbra86:~/tmp/letsencrypt# ./letsencrypt-auto certonly --standalone -d xmpp.example.com -d conference.example.com
Read more