Monday, December 23, 2013

When we install zimbra mail server, then automatically performs zimbra generate Self-Signed Certificate for webmail clients, webmail console, smtp, pop and imap. Self-Signed Certificate valid for one year from installation zimbra mail server. If the expiry date Self-Signed Certificate is not renewed automatically zimbra mail server can not be used to send and receive e-mail because it is considered less safe by zimbra.

To check the validity period on a Self-Signed Certificate zimbra mail server, please do the following :
mail:~ # su - zimbra
zimbra@mail:~> su
mail:/opt/zimbra # zmcertmgr viewdeployedcrt

To install the Self-Signed Certificate on the mail server zimbra is already expired, please run the step-by-step below :

Before installing the Self-Signed Certificate is new, we should first backup the Self-Signed Certificate old with the command :
mail:~ # cp -rf /opt/zimbra/ssl /opt/zimbra/backup

The next is to generate a new Certificate Authority (zmssl.cnf, ca.key, and ca.pem) :
mail:~ # cd /opt/zimbra/bin
mail:/opt/zimbra/bin # ./zmcertmgr createca -new

Then we request the validity period of the Self-Signed Certificate for zimbra mail server, for example for 1 year (365 days) or 2 years (730 days) :
mail:/opt/zimbra/bin # ./zmcertmgr createcrt -new -days 730

Then install deploycrt self & deploy ca :
mail:/opt/zimbra/bin # ./zmcertmgr deploycrt self
mail:/opt/zimbra/bin # ./zmcertmgr deployca

Restart daemon zimbra mail server :
mail:~ # su - zimbra
zimbra@mail:~> zmcontrol restart

Finally It's finished installation Self-Signed Certificate on the mail server zimbra. The next guide I will write how to install commerciale 256-bit encryption certificate from GoDaddy on the mail server zimbra.
Thank You For Reading This Article
Title: Install Self-Signed Certificate in Zimbra Mail Server
Written by achmad saifudin
Give your comments and suggestions on this article. Greetings Bloggers, Thank You


Post a Comment