Follow these steps:
- Import CA certificate file.
Navigate to Administration > IMSVA Configuration > Transport Layer Security > Trusted CA Certificates tab, click Import, select the CA certificate file, then click Import.
- Import IMSVA's new certificate.
Navigate to Administration > IMSVA Configuration > Transport Layer Security > SMTP and HTTPS Certificates tab, click Import, select the certificate file and the key file. Leave the password blank if it was not set then click Import.
- Assign the new certificate to TLS service.
Navigate to Administration > IMSVA Configuration > Transport Layer Security > SMTP and HTTPS Certificates tab. Check the checkbox of the new certificate, click Assign then Select Inbound MTA and Outbound MTA. Move them from Service Available field to Service Selected field then click OK.
Assigning the certificate to WebUI service can be done by choosing Management Console and EUQ Console services in this step.
Verify the certificate assignment
- SSH to IMSVA with root account.
- Run the following command to check the certificate used in IMSVA TLS service.
openssl s_client -connect 127.0.0.1:25 -starttls smtp
The output will be as follows:
Server certificate -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- subject=/C=CN/ST=GD/L=GZ/O=Trend/OU=CC/CN=imsva91en.gz.cncorelab.com issuer=/C=CN/ST=JS/L=NJ/O=TR/OU=CT/CN=yourCA.org