I’ve struggled with getting a GoDaddy-issued SSL certificate installed into a new Zimbra instance for a client. Fortunately I used a virtual machine and was able to make snapshots of the VM along the way. Most of the struggle revolved around the fact that (1) GoDaddy makes the required files available in many versions and formats, and (2) the Zimbra documentation really sucks in this area.
Fortunately I found David McKay’s article How to Renew a GoDaddy Certificate on Zimbra. This gave me insight into which combination of files to use.
- The Zimbra instance must install cleanly. My Zimbra installation notes are here.
- You must be able to view the Zimbra Certificates page without error. The page is found on the lower portion of the side bar.
Get the Certificate Files
- Use the Install Certificate button to create the CSR.
- Download the CSR.
- Paste the CSR into GoDaddy’s SSL certificate page.
- When downloading the certificate, there is a list of formats to choose from. Choose Apache.
- Also download GoDaddy’s root certificate file gd-class2-root.crt from their Repository page. As of this writing, this is the first file listed.
Installing the SSL Certificate
Back on the Zimbra Certificate page, click on Install Certificate button. You’ll be asked for several files.
- Certificate File: This is the new SSL certificate from the zip file. The default name is domain.crt.
- Root CA File: This is the file gd-class2-root.crt that you downloaded separately.
- Intermediate CA file: This is the file gd_bundle.crt found in the zip file.
This was the combination of files I was looking for but didn’t quite ever get right.
Store these files with backups.