What does the certificate installation script look like?
How is it handling the intermediate certs?
4 Likes
not sure what you mean by "certificate installation script" once you have the new certs, you have to manually install them in a specific area of the server , some renaming of the certs, etc.
this is for a zimbra mail server
Ok, so you haven't automated that part.
What are the steps you take when a new cert is issued?
4 Likes
The document is rather lengthy, nonetheless, I have finally got the mail server going, I am appreciative of everybody's input. I need to upgrade the mail server, this one is clearly getting to old, and I need to spend some time on understanding the whole letsencrypt process. Do you know of such tutorial,document etc. that covers everything, all the steps etc ?
For Zimbra this should detail the steps. See: Installing a LetsEncrypt SSL Certificate - Zimbra :: Tech Center
Pay special attention to this section on that page
Support for ECDSA TLS (elliptic curve cryptography ECC) certificates has been added to Zimbra zmcertmgr from Zimbra versions 10.0.6, Joule-8.8.15-Patch-45, Kepler-9.0.0-Patch-38. Let’s Encrypt Certbot defaults to ECDSA secp256r1 (P-256) since version 2.0.0. If you are running out-of-date versions of the software or have another reason why you are required to use RSA certificates. Refer to Installing a LetsEncrypt SSL Certificate - Zimbra :: Tech Center at your own risk as we do not support/test or update documentation for out of date deployments.
3 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.