Zimbra Let’s Encrypt SSL Script Rumi, December 28, 2022 #!/bin/bash -x # SSL certificate installation in Zimbra # with SSL certificate provided by Let's Encrypt (letsencrypt.org) # Check if running as root if [ "$(id -u)" != "0" ]; then echo "This script must be run as root" 1>&2 exit 1 fi read -p 'letsencrypt_email [mail@server]: ' letsencrypt_email read -p 'mail_server_url [mail.server]: ' mail_server_url # Check All variable have a value if [ -z $mail_server_url ] || [ -z $letsencrypt_email ] then echo run script again please insert all value. do not miss any value else # Installation start # Stop the jetty or nginx service at Zimbra level su - zimbra -c 'zmproxyctl stop' su - zimbra -c 'zmmailboxdctl stop' # Install git and letsencrypt cd /opt/ apt-get install git git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt # Get SSL certificate ./letsencrypt-auto certonly --standalone --non-interactive --agree-tos --email $letsencrypt_email -d $mail_server_url --hsts cd /etc/letsencrypt/live/$mail_server_url cat <<EOF >>chain.pem -----BEGIN CERTIFICATE----- MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw 7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ -----END CERTIFICATE----- EOF # Verify commercial certificate mkdir /opt/zimbra/ssl/letsencrypt cp /etc/letsencrypt/live/$mail_server_url/* /opt/zimbra/ssl/letsencrypt/ chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/* ls -la /opt/zimbra/ssl/letsencrypt/ su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem' # Deploy the new Let's Encrypt SSL certificate cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d") cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key sudo chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key su - zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem' # Restart Zimbra su - zimbra -c 'zmcontrol restart' # setting auto https redirect cd /opt && touch https-redirect.sh && chown zimbra:zimbra https-redirect.sh && chmod +x https-redirect.sh cat <<EOF >>/opt/https-redirect.sh zmprov ms $mail_server_url zimbraReverseProxyMailMode redirect EOF su - zimbra -c '/opt/https-redirect.sh' rm /opt/https-redirect.sh fi Related Scripts LetsencryptScriptszimbra
Create logout link in WordPress January 11, 2011 To create your own proper WordPress logout (or sign out) link, you need PHP. PHP Default usage <a href="<?php echo wp_logout_url(); ?>" title="Logout">Logout</a> Logout and Redirect to Current Page <a href="<?php echo wp_logout_url( get_permalink() ); ?>" title="Logout">Logout</a> Logout and Redirect to Homepage <a href="<?php echo wp_logout_url( get_bloginfo('url') ); ?>"… Read More
Clean RDP Sessions June 18, 2022 Just found it useful with the garbage of RDP session to clean- Paste the below lines on a notepad and rename it- rdp_clean.bat. Execute the batch file through cmd line as admin user. @echo off reg delete “HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default” /va /f reg delete “HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers” /f reg add… Read More
URL Redirecting Script October 12, 2008October 12, 2008 Meta Refresh URL Redirect Meta Refresh URL Redirect is an example of a meta refresh URL redirect. The code is quite simple. <meta http-equiv=”refresh” content=”8;url=http://www.seocompany.ca/index.html” /> Meta tag refresh is known to not be very search engine friendly and is consider spammy because of its misuse. If you keep it… Read More
Quite simple. If you an installed zimbra- save the script using a text editor and then run- bash Reply
Hey Rumi . Thanks forshare . I. Have 2 doamain on a samse server . Can you write a script for this. Reply
Hello Rumi. Thanks for the knowledge you shared. I need your help with my problem. I had 2 domain on same server. Can u write a script install and auto renew for it . I Renew SSL manually through the tutorial : certbot certonly –standalone –preferred-chain “ISRG Root X1” -d mail.domain1.com -d mail.domain2.com Reply
Here’s the trick part- ./letsencrypt-auto certonly –standalone –non-interactive –agree-tos –email $letsencrypt_email -d $mail_server_url –hsts cd /etc/letsencrypt/live/$mail_server_url Reply
letsencrypt_email [mail@server]: admin@xxx.com mail_server_url [mail.server]: mail.xxx.com Stopping proxy…done. Stopping mailboxd…done. LE_Script.sh: line 28: apt-get: command not found Cloning into ‘letsencrypt’… remote: Enumerating objects: 98614, done. remote: Counting objects: 100% (549/549), done. remote: Compressing objects: 100% (287/287), done. remote: Total 98614 (delta 311), reused 455 (delta 256), pack-reused 98065 Receiving objects: 100% (98614/98614), 48.29 MiB | 19.91 MiB/s, done. Resolving deltas: 100% (73285/73285), done. LE_Script.sh: line 33: ./letsencrypt-auto: No such file or directory LE_Script.sh: line 34: cd: /etc/letsencrypt/live/mail.xxx.com: No such file or directory cp: cannot stat ‘/etc/letsencrypt/live/mail.xxx.com/*’: No such file or directory chown: cannot access ‘/opt/zimbra/ssl/letsencrypt/*’: No such file or directory total 8 drwxr-xr-x 2 root root 4096 Jun 4 21:46 . drwxr-xr-x 8 zimbra zimbra 4096 Jun 4 21:46 .. ** Verifying ‘cert.pem’ against ‘privkey.pem’ ERROR: Can’t read file ‘privkey.pem’ ERROR: Can’t read file ‘cert.pem’ cp: cannot stat ‘/opt/zimbra/ssl/letsencrypt/privkey.pem’: No such file or directory chown: cannot access ‘/opt/zimbra/ssl/zimbra/commercial/commercial.key’: No such file or directory ERROR: open input ‘cert.pem’ failed: No such file or directory Reply