Zimbra Let’s Encrypt SSL Script Rumi, December 28, 2022 #!/bin/bash -x # SSL certificate installation in Zimbra # with SSL certificate provided by Let's Encrypt (letsencrypt.org) # Check if running as root if [ "$(id -u)" != "0" ]; then echo "This script must be run as root" 1>&2 exit 1 fi read -p 'letsencrypt_email [mail@server]: ' letsencrypt_email read -p 'mail_server_url [mail.server]: ' mail_server_url # Check All variable have a value if [ -z $mail_server_url ] || [ -z $letsencrypt_email ] then echo run script again please insert all value. do not miss any value else # Installation start # Stop the jetty or nginx service at Zimbra level su - zimbra -c 'zmproxyctl stop' su - zimbra -c 'zmmailboxdctl stop' # Install git and letsencrypt cd /opt/ apt-get install git git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt # Get SSL certificate ./letsencrypt-auto certonly --standalone --non-interactive --agree-tos --email $letsencrypt_email -d $mail_server_url --hsts cd /etc/letsencrypt/live/$mail_server_url cat <<EOF >>chain.pem -----BEGIN CERTIFICATE----- MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw 7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ -----END CERTIFICATE----- EOF # Verify commercial certificate mkdir /opt/zimbra/ssl/letsencrypt cp /etc/letsencrypt/live/$mail_server_url/* /opt/zimbra/ssl/letsencrypt/ chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/* ls -la /opt/zimbra/ssl/letsencrypt/ su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem' # Deploy the new Let's Encrypt SSL certificate cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d") cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key sudo chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem' # Restart Zimbra su - zimbra -c 'zmcontrol restart' # setting auto https redirect cd /opt && touch https-redirect.sh && chown zimbra:zimbra https-redirect.sh && chmod +x https-redirect.sh cat <<EOF >>/opt/https-redirect.sh zmprov ms $mail_server_url zimbraReverseProxyMailMode redirect EOF su - zimbra -c '/opt/https-redirect.sh' rm /opt/https-redirect.sh fi Related Scripts LetsencryptScriptszimbra
frontaccounting- how to recover admin password October 18, 2010 If you manage to forget the admin password for a company in the system, how do you retrieve or reset it? You can reset the admin password for a company by using phpMyAdmin. Enter the company database and find the correct table prefix f.i. 0_users. Edit the user Admin. Paste… Read More
MySQLDump Shell script for backup April 21, 2013 You can use the following script to dump mysql database and can add to crontab entry for daily backup! #!/bin/sh DAY=`/bin/date +%Y%m%d` TFILE="/backup/MYDB.$DAY.gz" mysqldump -u root -p'MYPASSWORD' MYDB | gzip > $TFILE echo "cache dump completed, dump script by rumi (hasan.emdad@mango.com.bd)" Related Read More
CRON scripts to running in seconds interval June 6, 2014 This problem can be solved with simple bash script. For example, if you need to run a PHP script on every 20 seconds, you can create a bash script like this: #!/bin/bash #Name:myscript.sh #Desc:Run script in every 20 seconds while (sleep 20 && php /path_to_your_script/your_script_name.php) & do wait $!… Read More
Quite simple. If you an installed zimbra- save the script using a text editor and then run- bash Reply
Hey Rumi . Thanks forshare . I. Have 2 doamain on a samse server . Can you write a script for this. Reply
Hello Rumi. Thanks for the knowledge you shared. I need your help with my problem. I had 2 domain on same server. Can u write a script install and auto renew for it . I Renew SSL manually through the tutorial : certbot certonly –standalone –preferred-chain “ISRG Root X1” -d mail.domain1.com -d mail.domain2.com Reply
Here’s the trick part- ./letsencrypt-auto certonly –standalone –non-interactive –agree-tos –email $letsencrypt_email -d $mail_server_url –hsts cd /etc/letsencrypt/live/$mail_server_url Reply
letsencrypt_email [mail@server]: admin@xxx.com mail_server_url [mail.server]: mail.xxx.com Stopping proxy…done. Stopping mailboxd…done. LE_Script.sh: line 28: apt-get: command not found Cloning into ‘letsencrypt’… remote: Enumerating objects: 98614, done. remote: Counting objects: 100% (549/549), done. remote: Compressing objects: 100% (287/287), done. remote: Total 98614 (delta 311), reused 455 (delta 256), pack-reused 98065 Receiving objects: 100% (98614/98614), 48.29 MiB | 19.91 MiB/s, done. Resolving deltas: 100% (73285/73285), done. LE_Script.sh: line 33: ./letsencrypt-auto: No such file or directory LE_Script.sh: line 34: cd: /etc/letsencrypt/live/mail.xxx.com: No such file or directory cp: cannot stat ‘/etc/letsencrypt/live/mail.xxx.com/*’: No such file or directory chown: cannot access ‘/opt/zimbra/ssl/letsencrypt/*’: No such file or directory total 8 drwxr-xr-x 2 root root 4096 Jun 4 21:46 . drwxr-xr-x 8 zimbra zimbra 4096 Jun 4 21:46 .. ** Verifying ‘cert.pem’ against ‘privkey.pem’ ERROR: Can’t read file ‘privkey.pem’ ERROR: Can’t read file ‘cert.pem’ cp: cannot stat ‘/opt/zimbra/ssl/letsencrypt/privkey.pem’: No such file or directory chown: cannot access ‘/opt/zimbra/ssl/zimbra/commercial/commercial.key’: No such file or directory ERROR: open input ‘cert.pem’ failed: No such file or directory Reply