How to Install SSL Certificate for Zimbra on CentOS

In this guide, you will learn how to set up an SSL certificate for Zimbra on an CentOS server. This script automates the process of installing and managing SSL certificates for Zimbra mail servers. It uses Certbot and certbot-zimbra for this purpose.

Step 1: Create the Script

Open a text editor on your CentOS server, and create a new file named

Copy and paste the following script into the file:

read -p "Enter Your Domain: " domain 
yum -y install certbot
# install certificate 
su - zimbra -c 'zmcontrol stop' 
certbot certonly --standalone -d $domain 
mkdir -p  /opt/zimbra/ssl/zimbra/commercial/ 
cp /etc/letsencrypt/live/$domain/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key 
chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key 
wget --no-check-certificate -O /tmp/ISRG-X1.pem
cat /tmp/ISRG-X1.pem >> /etc/letsencrypt/live/$domain/chain.pem 
su - zimbra -c "/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /etc/letsencrypt/live/$domain/cert.pem /etc/letsencrypt/live/$domain/chain.pem" 
# install certbot-zimbra 
if [ ! -d  $folder ] 
        wget --content-disposition 
        tar xzf certbot-zimbra-0.7.11.tar.gz 
        cd certbot-zimbra-0.7.11 && cp /usr/local/bin/ 
        /usr/local/bin/ -d 
        su - zimbra -c 'zmcontrol restart' 
        cd certbot-zimbra-0.7.11 && cp /usr/local/bin/ 
        /usr/local/bin/ -d 
        su - zimbra -c 'zmcontrol restart' 
# cron install certification 
a=`grep "/usr/bin/certbot" /var/spool/cron/root` 
if [[ -z "$a" ]] 
        echo "0 0 * */2 * root /usr/bin/certbot renew --pre-hook \"/usr/local/bin/ -p\" --deploy-hook \"/usr/local/bin/ -d\"" >> /var/spool/cron/root 

Step 2: Permissions and Execution

Make the script executable:

chmod +x

Run the script

sudo ./

Step 3: Follow Script Instructions

  1. When prompted, enter your domain name (e.g.,
  2. The script will install Certbot and obtain an SSL certificate for the provided domain.
  3. It will set up the necessary certificate files for Zimbra and verify the certificate.
  4. The script will then install certbot-zimbra for easier certificate management.
  5. A cron job for certificate renewal will be set up to run daily.

Remember that this script assumes you have a basic understanding of the Linux command line and Zimbra mail server setup. Always ensure you have backups and test in a controlled environment before making changes in a production setting.

Knowledge Base Linux
Knowledge Base Linux

Kblinux is an abbreviation for the phrase "Knowledge Base Linux." The website shares instructional articles related to the Linux system. I hope my small blog will reach many people who share the same passion for Linux.

Articles: 40


Typically replies within a day

Hello, Welcome to the site. Please click below button for chatting me through Telegram.