Text Size

Zimbra: Certificate Expiration and Renewal

This article is mainly to prepare myself for possible upcoming certification renewals.

Zimbra ZCS 7.0.x requires a valid self-signed or commercial SSL certificate for communication between some components. The self-signed certificates that are automatically created by the ZCS install have a default expiration of 365 days.
If you have an ZCS installation that is over one year old and are using self-signed certificates, your certificates will need to be updated either prior to the upgrade or immediately following the upgrade.
After you upgrade, the following commands run as the zimbra user will regenerate the self-signed SSL certificates:

# sudo zmcertmgr createca -new
# sudo zmcertmgr deployca
# sudo zmcertmgr deploycrt self

If you get an error like:

# zmcertmgr createca -new
[sudo] password for zimbra:

Then make sure you type the commands using the full path (because that is the way sudo probably is configured):

# sudo /opt/zimbra/bin/zmcertmgr createca -new
# sudo /opt/zimbra/bin/zmcertmgr deployca
# sudo /opt/zimbra/bin/zmcertmgr deploycrt self

Latest Tweets

Gefeliciteerd @JumboSupermarkt en maker @IceMobile (@brandloyalty) met de beste mobiele app onder de ‘super-apps’! pic.twitter.com/MtFPln00kJ

Retweeted 5 days ago8 retweets

Zo, dit is een schitterend verhaal. LOL! RT @JustineTunney: This is what it means to be English. pic.twitter.com/a5JVzooIv6

Retweeted 1 week ago142 retweets

Weet je nog van die school die excuus aanbood voor het ophangen van de Charlie Hebdo voorpagina? pic.twitter.com/87O83Y10Ew

Retweeted 1 week ago842 retweets