An SSL certificate can be installed for each domain. Zimbra Proxy must be installed and correctly configured to support multiple domains. For each domain, a virtual host name and Virtual IP address are configured with the virtual domain name and IP address.
Each domain must be issued a signed commercial certificate that attests that the public key contained in the certificate belongs to that domain.
To install the certificate, you paste the CA certificate in the Domain>Certificate tab on the administration console and you deploy the certificate from the CLI.
Configure the Zimbra Proxy Virtual Host Name and IP Address. From the CLI, as zimbra, type
zmprov md <domain> +zimbraVirtualHostName {domain.example.com}+zimbraVirtualIPAddress {1.2.3.4}
Note: The virtual domain name requires a valid DNS configuration with an A record.
In the administration console, select the domain to edit.
In the Domains>Certificate page Domain Certificate field, paste the domain's issued signed commercial root certificate and the intermediate certificates in descending order, starting with your domain certificate. This order allows the full certificate chain to be validated.
In the Domain Private Key field, paste the private key files. Remove any password authentication from the private key before the certificate is saved. See you commercial certificate provider for details about how to remove the password.
Click Save.
Go to the ZCS CLI command line to deploy the certificates.
As root, type
/opt/zimbra/libexec/zmdomaincertmgr deploycrts
To restart proxy services to make the changes take effect, as zimbra, type
zmproxyctl stop
zmproxyctl start
-------------------------------------------------------------------------------------------------------
Copyright @ 2005-2017 Synacor, Inc. All rights reserved. "Zimbra" is a registered trademark of Synacor, Inc.