Thread: [SOLVED] Expired Cert in 5.0GA can cause mail Delivery failure
View Single Post
  #38 (permalink)  
Old 01-02-2008, 01:07 AM
Klug Klug is offline
Moderator
  
Posts: 1,847
Default
Quote:
Originally Posted by PhishKiller View Post
Yes.
I don't think so.

Quote:
Originally Posted by PhishKiller View Post
Here are some dumps from it:
Code:
[root@mail ssl]# openssl x509 -in /opt/zimbra/ssl/zimbra/ca/ca.pem -noout -text
Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number:
            b9:cd:24:77:e9:24:ba:0f
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=CA, L=San Mateo, O=Zimbra, OU=Zimbra Collaboration Suite, CN=mail.ourdomain.com
That's not your commercial certificate, it's coming from Zimbra (look at the issuer).

I got the same problem with Zimbra's own tools : when trying to upgrade to a new self-signed certificate, the ca.pem file date changed but not the content.

You should retry the whole steps (clear the LDAP, clear the certs directory, etc).
Or maybe just putting the correct ca.pem (the one from your commercial certificate issuer) in the directory would "fix" things (as it's not the one the cert is waiting for).
Reply With Quote