Live Chat
Same Certs
Cheapest Price Seal
Less Price

How to Install SSL Certificate on Zimbra Server

Zimbra Collaboration Suite (ZCS) is a free, open-source Email and Collaboration server for enterprises, which includes an email server and web client components used to provide complete messaging and collaboration solutions.

You need to install an SSL certificate in the Zimbra collaboration server for communicating with hosts over SSL/TLS. There are two ways of SSL certificate installation on the Zimbra server:

i) Administration Console (Web Interface)
ii) Certificate Manager (Command Line Interface)

First of all, You will need to generate CSR (Certificate Signing Request) on your ZCS and send the CSR to issuing Certificate Authority (CA) for issuance of a valid SSL certificate.

Generate CSR in Zimbra Collaboration Server via Admin Console:

Follow the instructions to generate CSR file using Zimbra Administration Console:

  1. Login to your Zimbra Administration Console using a browser and navigate to Home > Configure and click the “Certificates” option.Zimbra SSL Admin Console
  1. On the right click on the “settings” icon, click the “Install Certificate” option.install certificate on Zimbra
  1. Now, Certificate Installation Wizard will pop up, where you can select your targeted server name for SSL certificate installation from the left navigation pane, then click the Next button.ZCS Certificate Installation Wizard
  1. Select the “Generate the CSR for the commercial certificate authorizer” option, click Next buttonGenerate CSR Window
  1. Fill details in their respective fields under Certificate Installation Wizard as shown in the below screenshot and click the ‘Next’ buttonzimbra ssl admin console

Please Note:
For Wildcard SSL certificate requests, check the box “Use Wildcard Common Name”.
For Multi Domain SSL certificate requests, you need to specify another Subject Alternative Names in the form field indicated in the picture above.

    1. Next, click the Download the CSR link to save the CSR file that you need to send to Certificate Authority in order to get an SSL certificate.

download csr zimbra Admin

What if you missed the 6th step?

You can locate the generated CSR file under Commercial Directory (e.g. /opt/zimbra/ssl/zimbra/commercial directory/commercial.csr)

SSL Certificate Installation via Zimbra Administration Console:

Extract four certificate files or CAbundle that you received in a ZIP file via email sent from CA (Certificate Authority) includes Primary Certificate File (.crt), Root CA (ICARoot.crt), and both Intermediate CA files.

Follow the instructions to install CA signed SSL certificate files on your targeted server through Zimbra Administration Console.

  1. After selection of target server, click Install the commercially signed certificate option, click NextZimbra Install SSL Admin Wizard
  1. Select Review the CSR request from the left navigation pane, click Next.Review the CSR Request on Zimbra
  1. In the left navigation pane, click Upload the Certificate option to add one by one all certificate files received from CA in their respective places, and then click Next.Upload SSL in Zimbra
  1. Select Install button under a selection of Install the Certificate as shown in the left navigation pane.Install SSL using Zimbra Admin Console
  1. Restart your Zimbra Collaboration Server (ZCS).

Finally, you have configured an SSL certificate on your ZCS Server. You can view the installed certificate upon returning to Admin Console.

SSL Certificate Installation via Command Line Interface (CLI):

Run the following command to generate CSR for Zimbra via Command Line Interface (CLI):

/opt/zimbra/bin/zmcertmgr createcsr comm -new -subject "/C=US/ST=CA/L=LosAngeles/O=Zimbra/OU=Zimbra Collaboration Suite/" -subjectAltNames

You will find generated CSR at following location:


For SSL installation on Zimbra Collaboration Server (ZCS) via CLI, you will have to concatenate (combine) four CAbundle files received from Certificate Authority using a text editor and save the file name as commercial_ca.crt.

Please note: Copy and paste all the files and the data in the sequence like the primary certificate file (your_domain_name.crt), then intermediate certificate (your CA.crt) and in the last root certificate (trustedroot.crt). Always start with the BEGIN, and END tags in the certificate content.

(Your Intermediate certificate) 
(Your Root certificate) 

Now, Place “commercial_ca.crt” file in the following directory


Next, you will have to validate the certificate chain using below command to confirm the certificate chain on Zimbra starting ZCS 8.7 and above:

/opt/zimbra/bin/verify -CAfile commercial_ca.crt commercial.crt
Valid Certificate: OK

You’ll get a response OK, upon successful certificate validation.

Now, Deploy your CA issued SSL certificate using following command:

/opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt commercial_ca.crt

Restart your Zimbra Server using the following command:

zmcontrol restart

Finally, verify the SSL certificate was deployed using the following command:

/opt/zimbra/bin/zmcertmgr viewdeployedcrt

Related Posts:

4.8/5 overall satisfaction rating

Based on 3910 ratings from actual customers

Customer Reviews
"Not a new customer just a new account due to a name change. Love your prices and service. Thanks for everything! Jimmy - Prestacarts Global Commerce"
Jimmy Ray Warren J / TX, United States
"I have to say your tech "Mike" went out of his way to help me setup the CSR for our SSL. I am not a techie, and Mike was extremely helpful and patient with me. You need to hire more support personnel like Mike! Great job Mike!! Thank you for all your help!! Jana"
Jana K
"Been using you guys for several years. Clean built website with a great UI/UX that lets me get to what I need to buy quickly. I couldn't ask for more. Thanks!"
Devin N
5 Star
4 Star
3 Star
2 Star
1 Star