letsencrypt-zimbra

#!/bin/bash
/usr/local/sbin/certbot certonly -d mail.domainmu.com --standalone -n --preferred-chain  "ISRG Root X1" --agree-tos --register-unsafely-without-email
cp "/etc/letsencrypt/live/mail.domainmu.com/privkey.pem" /opt/zimbra/ssl/zimbra/commercial/commercial.key
chown zimbra:zimbra /opt/zimbra/ssl/zimbra/commercial/commercial.key
wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt
rm -f "/etc/letsencrypt/live/mail.domainmu.com/chainZimbra.pem"
cp "/etc/letsencrypt/live/mail.domainmu.com/chain.pem" "/etc/letsencrypt/live/mail.domainmu.com/chainZimbra.pem"
cat /tmp/ISRG-X1.pem >> "/etc/letsencrypt/live/mail.domainmu.com/chainZimbra.pem"
chown zimbra:zimbra /etc/letsencrypt -R
cd /tmp
su zimbra -c '/opt/zimbra/bin/zmcertmgr deploycrt comm "/etc/letsencrypt/live/mail.domainmu.com/cert.pem" "/etc/letsencrypt/live/mail.domainmu.com/chainZimbra.pem"'
rm -f "/etc/letsencrypt/live/mail.domainmu.com/chainZimbra.pem"
su zimbra -c 'zmcontrol restart'