In my workplaces is a Zimbra Authorized Partners offering Zimbra Mail Server visit maintenance or remote service.
One of favorite service of PT Excellent Infotama Kreasindo is Zimbra VPS Cloud, where client can using their email server for company without Investing a Hardware and Email Administrator, because the server will be handled professionaly with us. If client have a obstacle with server, the team support will be happy for help.
And i was one of the support team for the service. Every order comes, I demanded to be faster in the setup. One of the trick, i made a simple bash script for Generate Zimbra SSL (CSR) Certificate.
Refers to Zimbra Wiki, the command for Generate CSR are :
Single Domain
/opt/zimbra/bin/zmcertmgr createcsr comm -new -subject "/C=ID/ST=Jawa Barat/L=Bekasi/O=PT Excellent Infotama Kreasindo/OU=IT/CN=mail.excellent.co.id" -subjectAltNames mail.excellent.co.id
Multi Domain (UCC)
/opt/zimbra/bin/zmcertmgr createcsr comm -new -subject "/C=ID/ST=Jawa Barat/L=Bekasi/O=PT Excellent Infotama Kreasindo/OU=IT/CN=mail.excellent.co.id" -subjectAltNames mail.excellent.co.id,mail.dhenandi.web.id,www.fiqmanaufal.com
Wildcard Domain
/opt/zimbra/bin/zmcertmgr createcsr comm -new -subject "/C=ID/ST=Jawa Barat/L=Lokasi/O=PT Excellent Infotama Kreasindo/OU=IT/CN=*.dhenandi.web.id"
With the command, i had to change one by one for the Certificate identity by directing mouse or keyboard to the each of field, so lazy 😀 At least, with my simple script, i can fill the field with Just Hit the “Enter” key :-P.
Okay, you can test the script with download it. First, login into your Zimbra Server with SSH, download the script with wget or w3m, change the permissions, then Execute the script and you just fill one by one the field.
Finally, the script will be automaticaly generate CSR according the value. Here :
wget -c https://dhenandi.com/repo/automaticaly-generate-csr-zimbra.sh chmod +x automaticaly-generate-csr-zimbra.sh ./automaticaly-generate-csr-zimbra.sh
Screen shoot :
Okay, If you have any further information on this script. Pleaseee, fell free to contact me, Thank You 😉
UPDATE ZIMBRA 8.7!!!
If you using zimbra 8.7 , you must run it by zimbra user.
chown -R zimbra:zimbra automaticaly-generate-csr-zimbra.sh su - zimbra ./automaticaly-generate-csr-zimbra.sh
1 Comment
Eddie InfoSec · February 11, 2019 at 9:45 pm
Thanks for your script, but i would need to integrate the CSR from CloudFlare to my server ( mail.domain.tld ), as i’m using already the same CSR for the same domain.tld