Zimbra Letsencrypt SSL Renew – Zimbra 8.6 Rumi, September 1, 2018 Let’s Begin: This works if you already have an expired letsencrypt ssl certificate and assuming you have already deployed SSL in you zimbra system. However, if you come up here already, and would like to know how to setup letsencrypt on your system you may read my other article here: https://tweenpath.net/installing-encrypt-zimbra-server/ Log on Zimbra user then stop proxy and mail box service for renew proccess. su zimbra zmproxyctl stop zmmailboxdctl stop Then return root user and renew Letsencrypt certificate exit letsencrypt renew: Change directory to Zimbra Letsecnrpyt SSL folder cd /opt/zimbra/ssl/letsencrypt/ Copy new SSL files to Zimbra Letsencrypt folder then change owner to Zimbra. At this point change {YourSSLDomain} to your domain which is we are working on. cp /etc/letsencrypt/live/{YourSSLDomain}/* . chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/* Add X3 root certificate to our chain.pem nano /opt/zimbra/ssl/letsencrypt/chain.pem -----BEGIN CERTIFICATE----- MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw 7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ -----END CERTIFICATE----- Now let’s check our certificates are verified via Zimbra certificate manager /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem If you see done or OK message in your console, first make a backup of course and update the commercial.key… cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d") cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key Soooo, we are ready to deploy new certificates, run deploycrt command via zmcertmgr. /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem at last, here is a happy restart. su zimbra zmcontrol restart Src: https://gist.github.com/ugurerkan/6e9e3addf9a574ad0c57039164570e6f Related Administrations Configurations (Linux) PKI LetsencryptzimbraZimbra 8.6
Virtual USB and VBoxusergroup Troubleshoot on Linux Host December 16, 2011December 16, 2011 I faced USB issues on both Virtualbox installation on both Debian and CentOS linux host. I really didn't notice the urgency of vboxusers group in running VBox in headless mode! Anyway, following snippets of texts really did help me out solving my USB problems. All credits goes to the VBox… Read More
Install and Secure Redis on CentOS 7 July 21, 2021 Step 1 – Install and Enable Remi Repository Firstly, we will add the Remi repository to the CentOS 7 system. The Remi repository provides the latest version of Redis package for our installation. Before adding the Remi repository, let’s install the EPEL repository and yum utility packages. sudo yum install… Read More
Installing GD.pm on Fedora-5 distro November 9, 2008 Using “yum install GD” or “yum install perl-GD” or any other didn’t help me installing GD perl module. However, an exceptional tricky yum did give me a success. So, let me put it here before I forget to do it in the future! yum -y install perl-GD Related Read More
Thank you very much for such a good tutorial. I am new at zimbra. Please can you explain how can I get new SSL file during renewal process? Suddenly I am a monitor of a live zimbra server and now it’s SSL certificate is expire. I have found that expired certificate was let’s encrypt. your tutorial is very helpful but I don’t understand how to get new file for renewal. Please help me. Reply