SSL Certificate Not Working



I have purchased an wildcard ssl for my domain. My certificate has a RootCA but in your documentation I don’t find anything how to change the rootca. Can you please guide me?

Thanks in advance.


Which service are you trying to setup with the certificate?

There is a guide here:

For example for Apache you can set apache2/ssl/certificate and apache2/ssl/key to the purchased cert to use it for web related access. For dovecot the same is mail/dovecot/ssl/certificate and mail/dovecot/ssl/key .

If the certificate contains a complete chain, you should be able to put all intermediate certs in one file and provide that.

UCS also uses certificates for internal communication, IMO it is not advisable to try to replace those certificates.


You can upload your

* Domain key .key
*Ca bundle .crt
*SSL cert .crt

to /etc/apache2/ssl/ and then go to System->Univention Configuration Registry and edit your SSL path

How to deny access to /univention portal from internet

Will try this method now. Thanks.


It worked for apache2. Can you please help me about mail ssl?


It is working perfectly for all except /appsuite. What is the reason?


the certificates may be not at the right place? mail/dovecot/ssl/certificate and mail/dovecot/ssl/key

The documentation for SSL Certificates can be found here:
A helpful SDB article can be found here:


Your help was great. Can you please give it for the TLS?


Did you check /etc/univention/ssl/<host.dmainname>/ ?

       what is  the output of the path for     # grep .pem   /etc/postfix/