Thread: certs
10-31-2005, 10:06 AM
codecoward

Authentication/Cert Creation Problems

Guys, love the project so far. I am pumped! Can't wait to use this in production.

Concerning certs, when I try to create one while logged in as the zimbra user, I get a Java error:

Code:
[zimbra@mail bin]$ zmcreatecert
** Creating CA private key

Generating a 1024 bit RSA private key
..........++++++
.++++++
unable to write 'random state'
writing new private key to '/opt/zimbra/ssl/ssl/ca/ca.key'
-----
** Creating CA cert

Signature ok
subject=/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/CN=mail.myexampleserver.com
Getting Private key
unable to write 'random state'
** Importing CA

Certificate was added to keystore
keytool error: java.io.FileNotFoundException: /opt/zimbra/java/jre/lib/security/cacerts (Permission denied)
** Creating keystore

** Creating server cert request

** Signing cert request

Signature ok
subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=mail.myexampleserver.com
Getting CA Private Key
unable to write 'random state'
Signature ok
subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=mail.myexampleserver.com
Getting Private key
unable to write 'random state'
[zimbra@mail bin]$

When I try to create one while logged in as root, however, the keytool command does not work (probably because it is not in the path).

Code:
[root@mail bin]# ./zmcreatecert
** Creating CA private key

Generating a 1024 bit RSA private key
......++++++
........................++++++
writing new private key to '/opt/zimbra/ssl/ssl/ca/ca.key'
-----
** Creating CA cert

Signature ok
subject=/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/CN=mail.myexampleserver.com
Getting Private key
** Importing CA

./zmcreatecert: line 96: keytool: command not found
** Creating keystore

./zmcreatecert: line 108: keytool: command not found
** Creating server cert request

./zmcreatecert: line 119: keytool: command not found
** Signing cert request

Signature ok
subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=mail.myexampleserver.com
Getting CA Private Key
Signature ok
subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=mail.myexampleserver.com
Getting Private key
[root@mail bin]#

Additionally, I am having trouble logging in using Outlook, Outlook Express, Thunderbird, etc. In all cases, for all of the clients that I have tried, I set the SMTP to require authentication (SSL) via port 25, but I get the infinite login loop. The error message that Outlook Express gives me is:

Code:
There was a problem logging onto your mail server. Your User Name was rejected. Account: 'mail.myexampleserver.com', Server: 'mail.myexampleserver.com', Protocol: POP3, Server Response: '-ERR only valid after entering TLS mode', Port: 110, Secure(SSL): No, Server Error: 0x800CCC90, Error Number: 0x800CCC91

Even after changing my server to enable clear text login (in the pop3), with the Enable SSL for POP3 box unchecked, I still get the same error.

Are there any specific things that I should be looking for? When I grep sasl, here is what I get:

Code:
[root@mail ~]# ps aux | grep sasl
zimbra   17569  0.0  0.1   5812  1280 ?        Ss   Oct29   0:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
zimbra   17576  0.0  0.1   5812  1280 ?        S    Oct29   0:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
zimbra   17577  0.0  0.1   5812  1280 ?        S    Oct29   0:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
zimbra   17578  0.0  0.1   5812  1280 ?        S    Oct29   0:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
zimbra   17579  0.0  0.1   5812  1280 ?        S    Oct29   0:00 /opt/zimbra/cyrus-sasl-2.1.21.ZIMBRA/sbin/saslauthd -r -a zimbra
root     32694  0.0  0.0   3760   676 pts/1    R+   10:58   0:00 grep sasl
[root@mail ~]#

I'm at a loss as to what to do at this point.

My only other problem is that I can't send mail, but I am almost certain that it is because I didn't have a PTR record set up correctly (and my ISP is adding one even as I write this).

It is at this point that I say..........
.....
.....
.....
.....
.....
.....
HELP!!!