Let’s Encrypt on Ca...
Clear all

Let’s Encrypt on Carbonio – Easy as never before

2 Posts
2 Users
Joined: 10 months ago
Posts: 304
Topic starter  

Most of you already know Carbonio bring it's own certbot client to issue Let's Encrypt certificates, but there are some steps needed to get it working as expected.

That's why i wrote this little guide to help us doing it

Let’s Encrypt on Carbonio – Easy as never before

Joined: 6 months ago
Posts: 9

It was not possible to apply the Let's Encrypt certificate either according to your instructions or the official instructions.

In the admin panel everything happens as described. But after applying and reloading the proxy configuration the certificate on the services remains self-signed (from carbonio).

I tried to emulate transferring certificates to the system manually, but when checking the validity of the chain (zmcertmgr verifycrt comm ...), the system gives an error, which is due to the fact that carbonio, like zimbra, only accepts RSA keys.

I was able to install a certificate for two domains at the same time using instructions from the zimbra website: https://wiki.zimbra.com/wiki/Installing_a_LetsEncrypt_SSL_Certificate

This is how I received the certificate, then I used the instructions in the link above:

/opt/zextras/libexec/certbot certonly --force-renew --preferred-chain "ISRG Root X1" --key-type rsa --agree-tos --email my@example.com -n --keep --webroot -w /opt/zextras --cert-name example.com -d mail.example.com -d mail.example2.com