1. Create the Key file, it will ask for a password:
openssl genrsa -des3 -out zimbra_password.key 2048
2. Now we want to remove that password
openssl rsa -in zimbra_password.key -out zimbra.key
3. Now we want to req a new CSR, this will let us fill in the details as we see fit
openssl req -new -key zimbra.key -out zimbra.csr
4. This will print us out the details of the CSR so we can verify we are happy with them
openssl req -noout -text -in zimbra.csr
5. Now you will do your GeoCert thing
cat zimbra.csr
6. Paste the contents into field at GeoCert.com
7. Now Retrieve the zip file for Apache, or anything else cuz its the same crap
8. upload the two file from the zip file to your server
a. one is name domain.com.crt we need to copy that to commercial.crt
cp domain.com.crt commercial.crt
b. Now copy that commercial.crt to the correct zimbra location
cp zimbra.key /opt/zimbra/ssl/zimbra/commercial/commercial.key
9. Now verify that the key will fit into the zimbra install
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key commercial.crt GeoTrust_CA_Bundle.crt
10. If that went well, install the cert
/opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt GeoTrust_CA_Bundle.crt
11. Done.
0 comments:
Post a Comment