Zimbra Forums

Zimbra Collaboration & Zimbra Desktop Forums
https://forums.zimbra.org/

Install Commercial SSL to OpenSource Zimbra server

https://forums.zimbra.org/viewtopic.php?t=64988

Page 1 of 1

Install Commercial SSL to OpenSource Zimbra server

Posted: Tue Oct 09, 2018 3:46 am
by vinhhv
Hi all,
I have a open source Zimbra server (6.0.2_GA_192.RHEL4_20091020152629 CentOS4 FOSS edition) and i using Self-Singed Certificate
I have a issue with Apple device when they upgrade policy in IOS 12 version
I purchase positiveSSL from Comondo and install it in my our server but not sucessfully
When i check the Key is OK
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt /opt/tool/ssl/hcmcexch2.atvn.com.vn.ca-bundle
** Verifying /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (/opt/tool/ssl/hcmcexch2.atvn.com.vn.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt: OK

But i cannot deploy
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt /opt/tool/ssl/hcmcexch2.atvn.com.vn.ca-bundle
** Verifying /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (/opt/tool/ssl/hcmcexch2.atvn.com.vn.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt: OK
** Copying /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Appending ca chain /opt/tool/ssl/hcmcexch2.atvn.com.vn.ca-bundle to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Saving server config key zimbraSSLCertificate...done.
** Saving server config key zimbraSSLPrivateKey...done.
** Installing mta certificate and key...done.
** Installing slapd certificate and key...done.
** Installing proxy certificate and key...done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...failed.

XXXXX ERROR: failed to create jetty.pkcs12
No certificate matches private key

have anybody can help me to solve this issue?
Thanks and Regards,
Vinh

Re: Install Commercial SSL to OpenSource Zimbra server

Posted: Tue Oct 09, 2018 9:54 am
by pup_seba
First time i see that error but the first google search result returned this: https://wiki.zimbra.com/wiki/Failed_to_ ... tty.pkcs12

Imagevia Imgflip Meme Generator

Re: Install Commercial SSL to OpenSource Zimbra server

Posted: Thu Oct 11, 2018 2:14 am
by vinhhv
Thank you so much.
My issue is fix and my solution is
"Ensure there's a newline at the end of each cert. If there isn't, the end of one cert and the beginning of the next cert cat on the same line, causing this error. If it isn't this, check for other similar formatting errors in the certs, like an extra space at the end of each line, etc. " as the following https://wiki.zimbra.com/wiki/Certificate_errors
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited