Install a Sectigo Domain Validation SSL certificate in Zimbra

We usually get the below four files from Sectigo in the certificate bundle. The file name may vary depending on the certificate type

  1. yourdomain.com.crt – main certificate
  2. AAACertificateServices.crt – Root Certificate
  3. USERTrustRSAAAACA.crt – Intermediate Certificate – 1
  4. SectigoRSADomainValidationSecureServerCA.crt – Intermediate Certificate – 2

Step 1: We shall create two files as below.

commercial_ca.crt (includes root certificate and two intermediate certificates)
commercial.crt (includes main certificate, root certificate and two intermediate certificates)

Step 2: Login to Zimbra server, move to directory /opt/zimbra/ssl/zimbra/commercial and create two files as below.

root@mail:~# cd /opt/zimbra/ssl/zimbra/commercial/
root@mail:/opt/zimbra/ssl/zimbra/commercial# touch commercial_ca.crt
root@mail:/opt/zimbra/ssl/zimbra/commercial# touch commercial.crt

Continue reading “Install a Sectigo Domain Validation SSL certificate in Zimbra” »

Share

Sectigo SSL certificate installation on Zimbra

1. Login to your Zimbra Admin Console using a browser.

2. In the left navigation pane under Home click Configure. Click Certificate.

3. On the right of the Zimbra Admin console click on the settings icon and select Install Certificate.

4. The Certificate Installation Wizard will pop up.

5. Under Server Name Select the Target server you are going to install the certificate for. Click Next Continue reading “Sectigo SSL certificate installation on Zimbra” »

Share

Fix: Unable to start TLS: SSL connect attempt failed error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed when connecting to ldap master.Cannot determine services – exiting

My ZImbra 8.6 was throwing the following error once after my letsencrypt SSL got expired:

Unable to start TLS: SSL connect attempt failed error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed when connecting to ldap master.Cannot determine services - exiting

The Fix:

In order to fix the problem you need to modify the following parameters as Zimbra user:

zmlocalconfig -e ldap_starttls_required=false
zmlocalconfig -e ldap_starttls_supported=0

Then restart zimbra by using

zmcontrol restart

Hope it’ll restarted

Share