We are using StartSSL (StartCom) for the ssl certificate. I was able to use the gui in zimbra to generate the csr then request the cert from startcom. I then went back into the certificate wizard on zimbra and installed the new cert. I can see the new cert with the updated dates but still getting error on clients: This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store. Not sure how to continue. Also I work with exchange servers so this zimbra email server is new to me.