-
Zextras Carbonio 23.6.0
-
-
- Older Version's Changelogs
- Changelog Version 23.2.0
- Changelog version 23.3.0
- Changelog Version 23.4.0
- Changelog Version 23.5.0
- Changelog Version 23.7.0
- Changelog Version 23.6.0
- Changelog version 23.9.0
- Changelog Version 23.10.0
- Changelog for Release 23.11.0 of Carbonio
- Changelog for Release 23.12.0 of Carbonio
-
-
-
-
Carbonio Community Edition
-
Suite for Zimbra
- Zextras Suite documentation
- Introduction
- Installation Instructions for Zextras Suite
- Licencing of Zextras Suite
- File Management for Licences
- Zextras Backup
- Backup and Restore by Zextras
- Zextras Backup Advanced Methods
- Zextras for Mobile
- Service for Address Books
- Troubleshooting Zextras Mobile
- Powerstore Zextras
- The Indexing of Attachments
- Extractor of External Content
- Delegated Admin Provisioning Zextras Admin
- The Zextras Drive
- Docs Zextras
- Authentique Zextras
- Team Zextras
- Video Server Zextras
- CLI
- next6 back
-
- Changelog for Zextras 3.1.x releases
- Changelog for Zextras Suite 3.2.0
- Changelog for Zextras Suite 3.3.0
- Zextras Suite Changelog - Release 3.4.0
- Changelog for Zextras Suite 3.5.0
- Changelog for Zextras Suite 3.6.0
- Changelog for Zextras Suite 3.7.0
- Changelog for Zextras Suite 3.8.0
- Changelog for Zextras Suite 3.9.0
- Changelog for Zextras Suite 3.10.0
- Changelog for Zextras Suite 3.11.0
- Changelog for Zextras Suite 3.12.0
- Changelog for Zextras Suite 3.13.0
- Changelog for Zextras Suite 3.14.0
- Changelog for Zextras Suite 3.15.0
- Changelog for Zextras Suite 3.16.0
- Changelog for Zextras Suite 3.17.0
- Changelog for Zextras Suite 3.18.0
- Zextras Suite Changelog - Release 3.19.0
- next4 back
Carbonio CE Security
On a typical Carbonio CE installation, the rules in this section describe how to implement security.
Place an SSL Certificate in Use
This section describes adding an SSL/TLS certificate to a Carbonio CE installation, including how to add a wildcard certificate as well as a certificate for a single server. Let’s Encrypt certificate installation and maintenance are supported by Carbonio CE; instructions for doing so may be found in a specific post on the Zextras Community portal.
This configuration is required if Carbonio CE is used with mobile apps; it is also advised for any installation to prevent the client browser’s connection-related warning about an invalid certificate.
Installation of Commercial Certificates
We’ll explain the process while accounting for the following circumstance:
- The FQDN of the server is mail.example.com.
- There isn’t a valid SSL certificate for the domain.
Replace mail.example.com with your actual server’s FQDN in the remaining text.
There are a few phases to the process, and the Carbonio CE server must be accessible via console.
Step 1: Creation of a Certificate Signing Request
We begin by producing a CSR:
where the subject’s different elements correspond to the required fields for an SSL certificate:
C: The country’s two-digit code
ST: Province or State
L: City
Name of the Organisation
OU stands for Organisation Unit (Department).
Compound Name
These files will be created after the command has been run:
Get the certificates from your SSL supplier in step two.
You must submit the CSR to the SSL provider, obtain a commercial certificate in PEM format, and store it as /opt/zextras/ssl/carbonio/commercial/commercial.crt in order to properly finish this step.
Additionally, SSL providers give a packaged certificate file (referred to as a “Full Chain CA”) that must be stored as /opt/zextras/ssl/carbonio/commercial/commercial_ca.crt. This file also contains the intermediate certificate and the so-called Root CA.
Step 3: Verify and implement
To ensure that the certificate and your private key are compatible, use the instructions below:
- enter the directory containing the certificates as the zextras user:
- Check the certifications.
- You can use the SSL certificate after a successful verification.
- Restart Carbonio CE to finish.
- Your certificate ought to now be set up: Run the following command to confirm the certificate’s details:
Installing Wildcard Certificates
We employ the same server with the FQDN mail.example.com to illustrate this process, but in this instance a wildcard SSL certificate for the domain *.example.com already exists and was created on a server different than Carbonio CE’s.
As a result, you possess all the required documents, making the process easier in this instance.
Step 1: Certificate setup
The current PEM certificate must be saved as /opt/zextras/ssl/carbonio/commercial/commercial.crt, and its private key must be saved as /opt/zextras/ssl/carbonio/commercial/commercial.key.
To combine the two certificates into one, navigate to /opt/zextras/ssl/carbonio/commercial/ and do as follows:
Verification and deployment in Step 2
To ensure that the certificate and your private key are compatible, use the instructions below:
- enter the directory containing the certificates as the zextras user:
- Check the certifications.
- You can use the SSL certificate after a successful verification.
- Restart Carbonio CE to finish.
Your certificate ought to now be set up: Run the following command to confirm the certificate’s details: