The error:
Code:
[] ERROR: java.security.cert.CertificateExpiredException: NotAfter: Mon Jul 03 02:04:38 EST 2006
ERROR: zclient.IO_ERROR (invoke java.security.cert.CertificateException: Untrusted Server Certificate Chain, server: localhost) (cause: javax.net.ssl.SSLHandshakeException java.security.cert.CertificateException: Untrusted Server Certificate Chain)
Means your certifcate for localhost has expired, as zmprov now uses SOAP via SSL to provision accounts by default. If you add "-l" ("use ldap") to the zmprov command it should work.
Ultimately you should regenerate the self-signed certificate (there was a bug in the script that generated the self-signed cert that caused it to generate a cert that was only good for 60 days, IIRC) so zmprov can talk to the server via SOAP instead of directly modifying LDAP, which bypasses a cache kept within Tomcat.