Nuova procedura installazione certificato Zimbra
Ottobre 27, 2021Installare Certbot
snap install core; sudo snap refresh core
apt-get remove certbot
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
certbot renew --dry-run
Creazione certificato
certbot certonly --standalone -d mailserver.DOMINIO.it --preferred-chain "ISRG Root X1"
Installazione certificato
cp /etc/letsencrypt/live/DOMINIO.IT/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key
chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key
wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
cat /tmp/ISRG-X1.pem >> /etc/letsencrypt/live/DOMINIO.IT/chain.pem
mkdir /opt/zimbra/ssl/letsencrypt
cp /etc/letsencrypt/live/mailserver.DOMINIO.it/* /opt/zimbra/ssl/letsencrypt/
su zimbra
cd /opt/zimbra/ssl/letsencrypt
/opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem
cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d")
cd /opt/zimbra/ssl/letsencrypt
/opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem