ahmed-abdelazim · June 18, 2022 13:03
diff --git a/zimbra-ssl.sh b/zimbra-ssl.sh
 export YourSSLDomain=mail.yourdomain.com
 # Renew or generate cert
 certbot renew
 # Copy cert
 cp /etc/letsencrypt/live/$YourSSLDomain/* /opt/zimbra/ssl/letsencrypt
 chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*

 # if first time copy the key to the right place
 cp /etc/letsencrypt/live/$YourSSLDomain/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key
 # fix permissions
 chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key
 # Login as zimbra
 su zimbra
 cd /opt/zimbra/ssl/letsencrypt
 # Get the right chain
 wget -qO- https://letsencrypt.org/certs/lets-encrypt-r3.pem > chain.pem
 wget -qO- https://letsencrypt.org/certs/isrgrootx1.pem >> chain.pem
 # verify
 /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem
 # Deploy
 /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem
 zmcontrol restart
	export YourSSLDomain=mail.yourdomain.com
	# Renew or generate cert
	certbot renew
	# Copy cert
	cp /etc/letsencrypt/live/$YourSSLDomain/* /opt/zimbra/ssl/letsencrypt
	chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*

	# if first time copy the key to the right place
	cp /etc/letsencrypt/live/$YourSSLDomain/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key
	# fix permissions
	chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key
	# Login as zimbra
	su zimbra
	cd /opt/zimbra/ssl/letsencrypt
	# Get the right chain
	wget -qO- https://letsencrypt.org/certs/lets-encrypt-r3.pem > chain.pem
	wget -qO- https://letsencrypt.org/certs/isrgrootx1.pem >> chain.pem
	# verify
	/opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem
	# Deploy
	/opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem
	zmcontrol restart