The following commands helped us to re-create the self-signed certificates.
Single-Node Self-Signed Certificate
1. Begin by generating a new Certificate Authority (CA).
zmcertmgr createca -new
2. Then generate a certificate signed by the CA that expires in 365 days.
zmcertmgr createcrt -new -days 365
3. Next deploy the certificate.
zmcertmgr deploycrt self
4. Next deploy the CA.
5. To finish, verify the certificate was deployed to all the services.
su – zimbra