Although this works it will NOT survive an upgrade. Not to mention there is actually a much easier solution.
sign into any shell or ssh and give yourself sudo root by issuing:
sudo su
make 2 directories:
mkdir -p /etc/Zentyal/stubs
mkdir -p /etc/Zentyal/stubs/openchange
Now copy the system generated stub file into the openchange directory
copy /usr/share/Zentyal/stubs/openchange/apache-ocsmanager.conf.mas /etc/Zentyal/stubs/openchange/
Now edit the copied stub:
nano /etc/Zentyal/stubs/openchange/apache-ocsmanager.conf.mas
*if you hate nano use something else, I'm a nano fan myself
Scroll down to the part about the SSL Certificate and I just comment out the line that says:
SSLCertificateFile <% $cert %> (or something really like that
Then create the following 3 lines:
SSLCertificateFile /etc/apache2/ssl/certificate.crt
SSLCertificateKeyFile /etc/apache2/keyfile.key
SSLCACertificateFile /etc/apache2/ssl/certificate.ca-bundle
Then I save and close it, create the directory mentioned above:
mkdir -p /etc/apache2/ssl
and upload my cert, my key file and my bundle file.
After that all you do is restart openchange:
service Zentyal openchange restart
If it says OK then you're good, if it throws an error then you'll have to restart Apache to find out where exactly the problem is:
service apache2 restart
I'm typing those 3 lines out of memory and it could be a little off. It's the same as what is in the default SSL virtual host file in Apache2, so you can check in ther:
nano /etc/apache2/sites-available/default-ssl.conf
scroll down and find the lines for certificate file, certificate key and the root CA or the CA bundle depending on which one you've got. Also, if your cert has a .pem extension or .cer then use that instead of .crt.
This method will survive a reboot, an upgrade of Zentyal and if you just can't get it to work then you just delete the stubb file you are editing and start over. No system generated files are messed with, no bricking your machine and most of all it's easy as heck to remember what you put where!