Certificado SSL Lets Encrypt no Zimbra

De Wiki Hackstore
Zimbra-logo-color-square-960px.png
Lets-encrypt-logo.png

Requisitos

yum install git
cd /opt ; git clone https://github.com/letsencrypt/letsencrypt


#!/bin/bash
#
# cd /opt ; git clone https://github.com/letsencrypt/letsencrypt
#
####################################################################


# backup files
cp -rp /etc/letsencrypt/ /etc/letsencrypt.$(date "+%Y%m%d")
cp -rp /opt/zimbra/ssl/letsencrypt /opt/zimbra/ssl/letsencrypt.$(date "+%Y%m%d")
cp -rp /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d")

####################################################################

# Gen cert for hackstore.com.br mail.hackstore.com.br www.hackstore.com.br webmail.hackstore.com.br
cd /opt/letsencrypt ; ./letsencrypt-auto certonly --standalone -d hackstore.com.br -d www.hackstore.com.br -d mail.hackstore.com.br -d webmail.hackstore.com.br
if [ "$?" -ne 0 ]; then
        echo "erro ao gerar certificado"
        exit 1
else
        # Stop Zimbra
        /etc/init.d/zimbra stop
        sleep 3

        # Install certificate
        mkdir -p /opt/zimbra/ssl/letsencrypt
        cp /etc/letsencrypt/live/hackstore.com.br/* /opt/zimbra/ssl/letsencrypt

        cat /etc/letsencrypt/lets.pem >> /opt/zimbra/ssl/letsencrypt/chain.pem

        chown -R zimbra:zimbra /opt/zimbra/ssl/letsencrypt/

        cd /opt/zimbra/ssl/letsencrypt/

        # teste
        su - zimbra -c "cd /opt/zimbra/ssl/letsencrypt; /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem"
        if [ "$?" -ne 0 ]; then
                echo "erro ao gerar certificado"
                exit 1
        else
                su - zimbra -c "cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key"
                su - zimbra -c "cd /opt/zimbra/ssl/letsencrypt; /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem"
              
        fi

        sleep 3
        # Start Zimbra
        /etc/init.d/zimbra start
fi