Quote:
|
Originally Posted by marcmac Did you try recreating the certs?
zmcreateca
zmcertinstall mailbox |
marcmarc: Thank you for the swift reply.
Yes, I tried to create the certs manually (following your suggestions in thread
SSL Problem - No common encryption algorithm)
Unfortunately I continuously get the following error when I 'zmcertinstall mailbox':
** Importing server cert
keytool error: java.lang.Exception: Public keys in reply and keystore don't match
Next I start deleteing the certs, but get an error when trying to remove the my_ca alias: Does not exist!
keytool -delete -alias my_ca -keystore /opt/zimbra/tomcat/conf/keystore -keypass zimbra
Enter keystore password: zimbra
keytool error: java.lang.Exception: Alias
does not exist
zmcreatecert works only when cacerts (/opt/zimbra/java/jre/lib/security/) has been deleted previously. Otherwise the following happens:
zmcreatecert
** Importing CA
keytool error: java.lang.Exception: Certificate not imported, alias already exists
** Creating keystore
** Creating server cert request
Generating a 1024 bit RSA private key
..............++++++
...............................................+++ +++
writing new private key to '/opt/zimbra/ssl/ssl/server/server.key'
-----
** Signing cert request
Using configuration from /opt/zimbra/ssl/ssl/zmssl.cnf
Check that the request matches the signature....
I find that odd, as the keytool reports previously that alias my_ca cannot be deleted from .../keystore as it does not exist.
What am I missing?
PS: All file access permissions seem to be ok on cacerts and keystore
Thank you,
still clueless