Certificate Signing Request (CSR) Generation Instructions for Zimbra 5.0.x, 6.0.x, & 7.0.x Dec 26, 2016
This document provides instructions for generating a Certificate Signing Request (CSR) for Zimbra server. If you are unable to use these instructions for your server, Symantec recommends that you contact Zimbra vendor.
NOTE: To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match.
To generate a Certificate Signing Request (CSR) on Zimbra 5.0.x, 6.0.x, & 7.0.x server, follow one of the methods bellow:
Method 1: Generate CSR using the command line interface:
- Log in as root.
Run the following zmcertmgr command to generate a CSR.
/opt/zimbra/bin/zmcertmgr createcsr comm -new -keysize 2048 -subject "/C=US/ST=California/L=Mountain View/O=My Company/OU=IT Department/CN=$ "The following fields are required when generating a Certificate Signing Request (CSR)
The following fields are required when generating a Certificate Signing Request (CSR)
- Country Name (C): Use the two-letter code without punctuation for country, for example: US or CA.
- State or Province (S): Spell out the state completely; do not abbreviate the state or province name, for example: California
- Locality or City (L): The Locality field is the city or town name, for example: Berkeley.
- Organization (O): If your company or department has an &, @, or any other symbol using the shift key in its name, you must spell out the symbol or omit it to enroll. Example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
- Organizational Unit (OU): This field is optional; but can be used to help identify certificates registered to an organization. The Organizational Unit (OU) field is the name of the department or organization unit making the request.
- Common Name (CN): The Common Name is the Host + Domain Name. It looks like "www.company.com" or "company.com".
For more information on Zimbra server using CLI commands, please click here.
Method 2 Generate CSR through Zimbra Admin Console
- Open a browser window and create CSR through Zimbra Admin Console.
- Login to the Admin Console and click Certificates
- Click Install Certificate
- Select Target Server
- Select Generate the CSR for the Commercial Certificate Authorizer
- Create the CSR, then download and save the CSR file.