How to resolve NO RSA when verifying Letsencrypt ssl in Zimbra 9
1 – use screen to install Zimbra 9. You’ll need two screens to do this. If you are not familiar with screen you may use tmux or just login twice on the server you’re going to install it;
2 – on one screen start the installation process as always you get to to the “apply” moment, right after you set the admin password;
3 – on the second screen edit /opt/zimbra/bin/zmcertmgr file, go to the line 1817, and add the option “-nomac” to the @out array, like this:
@out = $self->run(
$self->Openssl, "pkcs12", "-inkey", $keyf,
"-in", $crtf, "-name", $server,
"-export", "-out", $pkcsf, "-passout",
"pass:$kpass", "-nomac", "2>&1"
);4 – go to the line 1878 and do the very same adding “-nomac” to @out array and save the file
5- Rerun verification command :
sudo su - zimbra -c '/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/letsencrypt/cert.pem /opt/zimbra/ssl/letsencrypt/zimbra_chain.pem'