yoda# cd /opt/zimbra/ssl/zimbra/commercial
yoda# cp commercial.csr commercial.crt commercial_ca.crt commercial.key /tmp/zimbra-certs

yoda$ /opt/zimbra/bin/zmcertmgr verifycrt comm commercial.key commercial.crt commercial_ca.crt
`Verifying 'certificate-975485766.crt' against 'commercial.key'Certificate 'certificate-975485766.crt' and private key 'commercial.key' match.** Verifying 'certificate-975485766.crt' against 'intermediate.crt'ERROR: Unable to validate certificate chain: C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CAerror 2 at 1 depth lookup: unable to get issuer certificateerror certificate-975485766.crt: verification failed`
`Verifying 'commercial.crt' against 'commercial.key'Certificate 'commercial.crt' and private key 'commercial.key' match.** Verifying 'commercial.crt' against 'commercial_ca.crt'Valid certificate chain: commercial.crt: OK`

`yoda$ /opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt commercial_ca.crt`

- `Keeping first certificate in 'commercial.crt'** Verifying 'commercial.crt' against '/opt/zimbra/ssl/zimbra/commercial/commercial.key'Certificate 'commercial.crt' and private key '/opt/zimbra/ssl/zimbra/commercial/commercial.key' match.** Verifying 'commercial.crt' against 'commercial_ca.crt'Valid certificate chain: commercial.crt: OK** Copying 'commercial.crt' to '/opt/zimbra/ssl/zimbra/commercial/commercial.crt''commercial.crt' and '/opt/zimbra/ssl/zimbra/commercial/commercial.crt' are identical (not copied) at /opt/zimbra/bin/zmcertmgr line 1278.** Copying 'commercial_ca.crt' to '/opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt''commercial_ca.crt' and '/opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt' are identical (not copied) at /opt/zimbra/bin/zmcertmgr line 1278.** Appending ca chain 'commercial_ca.crt' to '/opt/zimbra/ssl/zimbra/commercial/commercial.crt'** Importing cert '/opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt' as 'zcs-user-commercial_ca' into cacerts '/opt/zimbra/common/lib/jvm/java/lib/security/cacerts'** NOTE: restart mailboxd to use the imported certificate.** Saving config key 'zimbraSSLCertificate' via zmprov modifyServer mail.hondafreeway.com.br...ok** Saving config key 'zimbraSSLPrivateKey' via zmprov modifyServer mail.hondafreeway.com.br...ok** Installing imapd certificate '/opt/zimbra/conf/imapd.crt' and key '/opt/zimbra/conf/imapd.key'** Copying '/opt/zimbra/ssl/zimbra/commercial/commercial.crt' to '/opt/zimbra/conf/imapd.crt'** Copying '/opt/zimbra/ssl/zimbra/commercial/commercial.key' to '/opt/zimbra/conf/imapd.key'** Creating file '/opt/zimbra/ssl/zimbra/jetty.pkcs12'** Creating keystore '/opt/zimbra/conf/imapd.keystore'** Installing ldap certificate '/opt/zimbra/conf/slapd.crt' and key '/opt/zimbra/conf/slapd.key'** Copying '/opt/zimbra/ssl/zimbra/commercial/commercial.crt' to '/opt/zimbra/conf/slapd.crt'** Copying '/opt/zimbra/ssl/zimbra/commercial/commercial.key' to '/opt/zimbra/conf/slapd.key'** Creating file '/opt/zimbra/ssl/zimbra/jetty.pkcs12'** Creating keystore '/opt/zimbra/mailboxd/etc/keystore'** Installing mta certificate '/opt/zimbra/conf/smtpd.crt' and key '/opt/zimbra/conf/smtpd.key'** Copying '/opt/zimbra/ssl/zimbra/commercial/commercial.crt' to '/opt/zimbra/conf/smtpd.crt'** Copying '/opt/zimbra/ssl/zimbra/commercial/commercial.key' to '/opt/zimbra/conf/smtpd.key'** Installing proxy certificate '/opt/zimbra/conf/nginx.crt' and key '/opt/zimbra/conf/nginx.key'** Copying '/opt/zimbra/ssl/zimbra/commercial/commercial.crt' to '/opt/zimbra/conf/nginx.crt'** Copying '/opt/zimbra/ssl/zimbra/commercial/commercial.key' to '/opt/zimbra/conf/nginx.key'** NOTE: restart services to use the new certificates.** Cleaning up 3 files from '/opt/zimbra/conf/ca'** Removing /opt/zimbra/conf/ca/ca.key** Removing /opt/zimbra/conf/ca/ca.pem** Removing /opt/zimbra/conf/ca/63f87d8f.0** Copying CA to /opt/zimbra/conf/ca** Copying '/opt/zimbra/ssl/zimbra/ca/ca.key' to '/opt/zimbra/conf/ca/ca.key'** Copying '/opt/zimbra/ssl/zimbra/ca/ca.pem' to '/opt/zimbra/conf/ca/ca.pem'** Creating CA hash symlink '63f87d8f.0' -> 'ca.pem'** Creating /opt/zimbra/conf/ca/commercial_ca_1.crt** Creating CA hash symlink 'ee64a828.0' -> 'commercial_ca_1.crt'** Creating /opt/zimbra/conf/ca/commercial_ca_2.crt** Creating CA hash symlink 'fc5a8f99.0' -> 'commercial_ca_2.crt'** Creating /opt/zimbra/conf/ca/commercial_ca_3.crt** Creating CA hash symlink '65ff7287.0' -> 'commercial_ca_3.crt'`

yoda$ /opt/zimbra/bin/zmcertmgr viewdeployedcrt

$ zmcontrol restartHost yoda.gigaflops.com.brStopping zmconfigd...Done.Stopping zimlet webapp...Done.Stopping zimbraAdmin webapp...Done.Stopping zimbra webapp...Done.Stopping service webapp...Done.Stopping stats...Done.Stopping mta...Done.Stopping spell...Done.Stopping snmp...Done.Stopping cbpolicyd...Done.Stopping archiving...Done.Stopping opendkim...Done.Stopping amavis...Done.Stopping antivirus...Done.Stopping antispam...Done.Stopping proxy...Done.Stopping memcached...Done.Stopping mailbox...Done.Stopping logger...Done.Stopping dnscache...Done.Stopping ldap...Done.Host yoda.gigaflops.com.brStarting ldap...Done.Starting zmconfigd...Done.Starting dnscache...Done.Starting logger...Done.Starting mailbox...Done.Starting memcached...Done.Starting proxy...Done.Starting amavis...Done.Starting antispam...Done.Starting antivirus...Done.Starting opendkim...Done.Starting snmp...Done.Starting spell...Done.Starting mta...Done.Starting stats...Done.Starting service webapp...Done.Starting zimbra webapp...Done.Starting zimbraAdmin webapp...Done.Starting zimlet webapp...Done.