If your certificate authority has increased their key requirements to 2048 bit your CSR may be rejected when generated like so:

# /opt/zimbra/bin/zmcertmgr createcsr comm -new "/C=CA/ST=ON/L=Toronto/O=Yourbusiness/OU=Yourdept/CN=mail.server.com"

Fortunately, the -keysize flag was added in Zimbra 6.x:

# /opt/zimbra/bin/zmcertmgr createcsr comm -new -keysize 2048 "/C=CA/ST=ON/L=Toronto/O=Yourbusiness/OU=Yourdept/CN=mail.server.com"

http://bugzilla.zimbra.com/show_bug.cgi?id=36313

Be Sociable, Share!
  • Twitter
  • Facebook
  • email
  • StumbleUpon
  • Delicious
  • Google Reader
  • LinkedIn
  • Digg
  • Google Bookmarks
  • Reddit
  • Tumblr