SSL Certificate issue in Zimbra
420 views
Skip to first unread message
Rahul Patadiya
May 23, 2014, 9:47:16 AM5/23/14
to vg...@googlegroups.com
Dear Friends,
I have Try to install commercial SSL certificate in zimbra server. I have purchase SSL certificate from COMODO. They have provide three files.
File:
1) domain_name.crt
2) AddTrustExternalCARoot.crt
3) PositiveSSLCA2.crt
I have follow bellow step to install:
# mv domain_name.crt commercial.crt
# cat PositiveSSLCA2.crt AddTrustExternalCARoot.crt > commercial_ca.crt
then i have coppy both file in /opt/zimbra/ssl/zimbra/commercial/. ( two file already exist commercial.csr and commercial.key)
After i will run command for verify new files.
# /opt/zimbra/bin/zmcertmgr verifycrt comm commercial.key commercial.crt commercial_ca.crt
Its give below error:
** Verifying commercial.crt against commercial.key
XXXXX ERROR: Unmatching certificate (commercial.crt) and private key (commercial.key) pair.
So kindly Help for me. I have try also with Admin panel its also give error.
Regards
Rahul Patadiya
Ph: 9998320565
Tejas Barot
May 23, 2014, 9:54:52 AM5/23/14
to VGLUG
Hello,
On Fri, May 23, 2014 at 6:06 PM, Rahul Patadiya <rahul.p...@gmail.com> wrote:
Dear Friends,I have Try to install commercial SSL certificate in zimbra server. I have purchase SSL certificate from COMODO. They have provide three files.File:1) domain_name.crt2) AddTrustExternalCARoot.crt3) PositiveSSLCA2.crtI have follow bellow step to install:# mv domain_name.crt commercial.crt# cat PositiveSSLCA2.crt AddTrustExternalCARoot.crt > commercial_ca.crt
then i have coppy both file in /opt/zimbra/ssl/zimbra/commercial/. ( two file already exist commercial.csr and commercial.key)After i will run command for verify new files.
# /opt/zimbra/bin/zmcertmgr verifycrt comm commercial.key commercial.crt commercial_ca.crt
Its give below error:
** Verifying commercial.crt against commercial.keyXXXXX ERROR: Unmatching certificate (commercial.crt) and private key (commercial.key) pair.
Commercial.csr which you are telling is the same file which you have sent to Commercial Certificate provider !?
You have to put .key and .csr which you have generated and sent commercial certificate provider.
So kindly Help for me. I have try also with Admin panel its also give error.
Yes, It will give you error, You have to match .key and both the CRTs.
Hope this will helps you.
RegardsRahul PatadiyaPh: 9998320565
--
Please read http://www.catb.org/~esr/faqs/smart-questions.html before posting.
You received this message because you are subscribed to the "Vibrant GNU/Linux User Group".
To stop receiving emails from this group, mail to VGLUG+un...@googlegroups.com
To post to this group, send email to VG...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/VGLUG
---
You received this message because you are subscribed to the Google Groups "VGLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vglug+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Thanks & Regards,
Tejas Barot
Linux Consultant,
Red Hat Certified Engineer,
Linux Blog:- http://www.tejasbarot.com
Facebook :- http://www.fb.me/tejasbarot.official
Facebook Page :- http://www.fb.me/AllLinuxUsersBlog
Twitter :- https://twitter.com/imtejasbarot
LinkedIn :- http://in.linkedin.com/in/imtejasbarot
Tejas Barot
Linux Consultant,
Red Hat Certified Engineer,
Linux Blog:- http://www.tejasbarot.com
Facebook :- http://www.fb.me/tejasbarot.official
Facebook Page :- http://www.fb.me/AllLinuxUsersBlog
Twitter :- https://twitter.com/imtejasbarot
LinkedIn :- http://in.linkedin.com/in/imtejasbarot
Rahul Patadiya
May 23, 2014, 10:07:36 AM5/23/14
to vg...@googlegroups.com
Tejas Sir,
Yes, Commercial.csr which you are telling is the same file which you have sent to Commercial Certificate provider.
And I have only set a .csr file to certification provider. and after he has given 3 files below.
Regards
Rahul Patadiya
Ph: 9998320565Tejas Barot
May 23, 2014, 10:16:07 AM5/23/14
to VGLUG
Hello,
On Fri, May 23, 2014 at 7:35 PM, Rahul Patadiya <rahul.p...@gmail.com> wrote:
Tejas Sir,Yes, Commercial.csr which you are telling is the same file which you have sent to Commercial Certificate provider.And I have only set a .csr file to certification provider. and after he has given 3 files below.
You have generated CSR ? If Yes, please share command.
I am sure there will be .key file because if .key file is not matching then its a problem, It will not accept.
Rahul Patadiya
May 23, 2014, 10:29:32 AM5/23/14
to vg...@googlegroups.com
Tejas Sir,
I have generated csr file with below command:
/opt/zimbra/bin/zmcertmgr createcsr comm -new -keysize 2048 "/C=DE/L=Colonge/O=organization name/OU=IT/CN=Domainname"
Regards
Rahul Patadiya
Ph: 9998320565Rahul Patadiya
May 26, 2014, 12:58:06 AM5/26/14
to vg...@googlegroups.com
Tejas Sir,
I have question.
when we create a CSR File by command, that time also require .KEY file generate or not ??
I have only generate a CSR file and give to certi provider. and its given to ssl certi.
Regards
Rahul Patadiya
Ph: 9998320565Tejas Barot
May 26, 2014, 1:11:05 AM5/26/14
to VGLUG
Hi Rahul,
On Mon, May 26, 2014 at 10:25 AM, Rahul Patadiya <rahul.p...@gmail.com> wrote:
Tejas Sir,
I have question.when we create a CSR File by command, that time also require .KEY file generate or not ??I have only generate a CSR file and give to certi provider. and its given to ssl certi.
You have to generate .key for csr and using that .key you should generate .csr file.
Refer this : http://wiki.zimbra.com/wiki/Commercial-SSL-CRT
Reply all
Reply to author
Forward
0 new messages