Skip to content

Zimbra Server Installation

 Method 1: Via Zimbra Admin Console

 
1. Login to your Zimbra Admin Console using a browser.

2. In the left navigation pane under Home click Configure. Click Certificate.

User-added image

3. On the right of the Zimbra Admin console click on the settings icon and select Install Certificate.

4. The Certificate Installation Wizard will pop up.

5. Under Server Name Select the Target server you are going to install the certificate for. Click Next

User-added image

6. Select the option Install the commercial signed certificate. Click Next.

User-added image

7. If all the info in the review windows is ok, press Next button

User-added image

8. Upload the files in their respective places. (If have not received a zip with four files, then please contact our support.)

 User-added image

9. After uploading the files, click 'Install'.

User-added image

10. Restart the Zimbra services.

 Finally, you can return to the Admin Console and View the installed Certificate. 

User-added image


Method 2: Via CLI


1. Your certificate ZIP file will be sent by email. The certificate ZIP is included as an attachment and certificate file is also imbedded in the body of the email.


2. Copy and paste the certificate into a text file (save as commercial.crt) using Vi or Notepad. Place this file in the following directory /opt/zimbra/ssl/zimbra/commercial/

The text file should look like:

-----BEGIN CERTIFICATE-----
    
        [encoded data]

-----END CERTIFICATE-----

3. Open the CAbundle that you received on a ZIP file using a text editor or Vi and save it as (commercial_ca.crt). Place this file in the following directory /opt/zimbra/ssl/zimbra/commercial/

Note: If you are using notepad, then click 'Save as' and in the save location window, choose 'save as' type as 'ALL files' and give the file name as commercial_ca.crt.


4. Also, rename your private key file as commercial.key and move it to the same directory where we have placed other certificate files /opt/zimbra/ssl/zimbra/commercial/

5. Now since you have all the files in the same directory, we can now enable the certificate. But first, let's Validate the Certificate Chain using the below command,

/opt/zimbra/openssl/bin/openssl verify -CAfile commercial_ca.crt commercial.crt

If successful, you’ll get back a response like <cert name>: OK

6. Finally deploy your certificate using the following command,

/opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt commercial_ca.crt

7. Restart the Zimbra Services

zmcontrol restart


8. Once an SSL certificate is configured on your Zimbra Server, you should check the certificate information using SSL Analyzer tool (https://www.ssllabs.com/ssltest/) that will help you to find SSL issues.

9. Bonus : How to make Zimbra Super secure

Reference: https://wiki.zimbra.com/wiki/Installing_a_Comodo_SSL_Certificate_on_Zimbra_Collaboration