Install SSL Free (Let's Encrypt) for Zimbra's Virtualhosts.

install-SSLFree-multiDomain.sh

#!/bin/bash
 
### Check A record and add virtualhost to Zimbra
 
domains="$1"
server=$(dig +short a `hostname -f`)
flag=0
for dom in $domains
do
        dom=`echo "$dom" | tr '[:upper:]' '[:lower:]'`
	dom_mx=$(dig +short a mail.$dom)
	if [ "$dom_mx" = "$server"  ]
	then
		echo "Belong to $(hostname)"
		echo "Adding virtualhost to Zimbra..."
		zmprov md $dom zimbraVirtualHostName mail.$dom zimbraVirtualIPAddress $server
		echo "Restarting proxy..."
		zmproxyctl restart
		## Generate SSL cert. for domain
		if [ -e /opt/zimbra/conf/domaincerts/$dom.key ]
		then
			chmod 600 /opt/zimbra/conf/domaincerts/$dom.*
		fi
	 	sudo certbot certonly --webroot -w /opt/zimbra/data/nginx/html/ -d mail.$dom
		## To combine cert. file				
		wget https://gist.githubusercontent.com/hoangdh/9e41fb2368833c47efe62176f84fa920/raw/d2796483610fb3e9e884d325508372ffa4715a8e/ca_letsencrypt.crt -O /tmp/ca_letsencrypt.crt
		sudo cat /etc/letsencrypt/live/mail.$dom/cert.pem /tmp/ca_letsencrypt.crt > /opt/zimbra/conf/domaincerts/$dom.crt
		sudo cat /etc/letsencrypt/live/mail.$dom/privkey.pem > /opt/zimbra/conf/domaincerts/$dom.key
		### Save certiticate to Zimbra
		/opt/zimbra/libexec/zmdomaincertmgr savecrt $dom /opt/zimbra/conf/domaincerts/$dom.crt /opt/zimbra/conf/domaincerts/$dom.key
		chmod 400 /opt/zimbra/conf/domaincerts/$dom.*
		flag=1
		rm -rf /tmp/ca_letsencrypt.crt
	else
		echo "This domain ($dom) don't belong to $(hostname)"
	fi
done
 
## Deploying cert. if flag=1
if [ $flag -eq 1 ]
then
	/opt/zimbra/libexec/zmdomaincertmgr deploycrts
	zmproxyctl restart
fi