Single-Node Self-Signed Certificate
1. Begin by generating a new Certificate Authority (CA).
zmcertmgr createca -new
2. Then generate a certificate signed by the CA that expires in 365 days.
zmcertmgr createcrt -new -days 365
3. Next deploy the certificate.
zmcertmgr deploycrt self
4. Next deploy the CA.
zmcertmgr deployca
5. To finish, verify the certificate was deployed to all the services.
zmcertmgr viewdeployedcrt
6. and the last think..
/opt/zimbra/java/bin/keytool -import -alias root -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /opt/zimbra/conf/ca/ca.pem
/opt/zimbra/java/bin/keytool -import -alias root -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /opt/zimbra/conf/ca/ca.pem
Tidak ada komentar:
Posting Komentar