Quote:
|
Originally Posted by shohamlevy I think I have found some bugs/issues in the source setup (from CVS) and in the certificating process.
point 1
In the script "zmcreatecert" you generate the tomcat alias (in function createKeyStore). You later create a certificate for that alias, which you import back into the Tomcat keystore - in the certinsatll script (function importCert). It is always in that stage that I get the error: "Public keys in reply and keystore don't match".
I don't really care about that error, because I can easily remove the tomcat alias "keytool -delete", and manually re-add it as certified. But isn't there a security problem in the flow to begin with? The purpose of certificates is to get a 3rd party approval - and your script's flow simply "self-approves" itself. I don't know if this should cause issues to others, because I am not that proficient in keytool and certificates, but maybe this is what was causing my problems to start with? |
The whole point of the createcert script is to create a self-signed certificate, to make it easier to get zimbra up and running with ssl - we don't cover 3rdparty certs.
Self signed certs work fine, though they will generate a warning to clients.
Quote:
|
Originally Posted by shohamlevy point 2
In dev-install you miss copying a script:
cp ZimbraBuild/rpmconf/Build/get_plat_tag.sh /opt/zimbra/bin
This script is needed for other Zimbra scripts. |
I'll take a look at this.
Quote:
|
Originally Posted by shohamlevy point 3
When I finaly run LDAP (zmldapinit) - it fails to find the database:
bdb(): /opt/zimbra/openldap-data/__db.001: No such file or directory
Of course, I don't have this directory. I fail to find the DB initialization script in the CVS tree. How should I initialize the LDAP database?
Thanks,
Shoham. |
Initialize the db with zmldapinit - if it's failing with that error, you'll need to pre-create the openldap-data directory before running it.