Howto - Zimbra 6.0.x with GoDaddy Certificate

Bill Pitz

Managed IT and Network Engineering: North Bay Logistics, LLC

After installing Zimbra 6.0.3 on RHEL 5, I repeatedly received the following error when attempting to start services:
Starting logswatch...ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed)

This error can be fixed by running the following (as root):
/opt/zimbra/java/bin/keytool -import -alias root \ -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit \ -file /opt/zimbra/conf/ca/commercial_ca.pem

Solution source: here

If the web interface gives you trouble, the certificate can be installed using the command line tools:
/opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt ca_chain.crt
Where 'commercial.crt' is the name of your certificate, and ca_chain.crt is the GoDaddy intermediate certificate chain (e.g. the 'gd_bundle.crt' file included in the cert zip provided by GoDaddy).