Solved

How to renew self-signed certificate in zcs 6.0.6 server?

Posted on 2011-02-28
5
1,685 Views
Last Modified: 2012-05-11
This is using zimbra collaboration suite 6.0.6, for SUSE Linux Enterprise server 11.0. In Zimbra admin console, the certificate is going to expire in 10 days. I'm thinking of renew the cert, how to do it? Should I backup first, and how?
0
Comment
Question by:Balack
  • 3
  • 2
5 Comments
 
LVL 5

Expert Comment

by:MCode151
ID: 35022716
The basics:

su - (root)
cp -a /opt/zimbra/conf /opt/zimbra/conf.bak
cp -a /opt/zimbra/ssl /opt/zimbra/ssl.bak
cd /opt/zimbra/bin
./zmcertmgr createcrt -new
./zmcertmgr deploycrt self.
./zmcertmgr viewdeployedcrt
su - zimbra
zmcontrol restart


For other details on length, subject names, or if you wish to re-create the full certificate authority as well please see http://wiki.zimbra.com/wiki/Administration_Console_and_CLI_Certificate_Tools#Single-Node_Self-Signed_Certificate
0
 

Author Comment

by:Balack
ID: 35025479
Hi MCode151,

After executing all the commands as stated by you, how about client side? Do I have to execute any command to renew the cert?
0
 
LVL 5

Accepted Solution

by:
MCode151 earned 500 total points
ID: 35027518
Client side as in end user?

Upon new connection they'll get the new cert (which should happen relatively soon because you restarted) some thick-mail clients if open might prompt you that the cert has changed, other thick-clients & web-browsers save the fingerprint and will notify you when they reopen, or require a close/open, and still others might not say a thing.

In short, there's no 'commands to issue client side'.  It's up to you (depending on your end-user base and their technical abilities/how many might bug you about it) if you want to notify them in advance that you're installing a new certificate, and that they should accept any mail/web client warning prompts.
0
 

Author Comment

by:Balack
ID: 35028783
ok, I got it
0
 

Author Closing Comment

by:Balack
ID: 35033637
Not really test it, but, confident it should works...
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now