Hi,
I'm installing Zimbra, and using acme.sh to deploy my cert:
acme.sh --install-cert -d example.com \
--cert-file /opt/zimbra/ssl/letsencrypt/cert.pem \
--key-file /opt/zimbra/ssl/letsencrypt/privkey.pem \
--fullchain-file /opt/zimbra/ssl/letsencrypt/chain.pem
So far, so good.
Zimbra explains here how to deploy the LE cert, but it fails the validation:
# su - zimbra -c '/opt/zimbra/bin/zmcertmgr verifycrt comm \
/opt/zimbra/ssl/letsencrypt/privkey.pem \
/opt/zimbra/ssl/letsencrypt/cert.pem \
/opt/zimbra/ssl/letsencrypt/chain.pem'
** Verifying '/opt/zimbra/ssl/letsencrypt/cert.pem' against '/opt/zimbra/ssl/letsencrypt/privkey.pem'
Certificate '/opt/zimbra/ssl/letsencrypt/cert.pem' and private key '/opt/zimbra/ssl/letsencrypt/privkey.pem' match.
** Verifying '/opt/zimbra/ssl/letsencrypt/cert.pem' against '/opt/zimbra/ssl/letsencrypt/chain.pem'
ERROR: Unable to validate certificate chain: C = US, O = Internet Security Research Group, CN = ISRG Root X1
error 2 at 2 depth lookup: unable to get issuer certificate
error /opt/zimbra/ssl/letsencrypt/cert.pem: verification failed
What am I doing wrong here?
Thanks.