I don't understand why copying the appropriate cert (thawte.pem in my case) into the ca directory and running c_rehash doesn't fix it.
The "fix" for comment #10 is to set start_tls = no and chattr +i /opt/zimbra/conf/ldap*, so that zmmtainit can't rewrite those files. You'll get errors from postfix/zmcontrol start, but it runs. |