I have a server running Ubuntu 6.06.2 and ZCS 5.0.1 that won't let me view its certificate. When I attempt to do so through the admin console, I get this error:
Code:
Server error encountered
Message: system failure: exception during auth {RemoteManager: mail.domain.com->zimbra@mail.domain.com:22} Error code: service.FAILURE Method: GetCertRequest Details:soap:Receiver .
sshd_config lists the present port as 22, and running
Code:
zmprov gs `zmhostname` | grep zimbraRemoteManagementPort
gets me:
Code:
zimbraRemoteManagementPort: 22
If I run this:
Code:
zmprov gs `zmhostname` | grep -i remote
I get:
Code:
zimbraRemoteManagementCommand: /opt/zimbra/libexec/zmrcd
zimbraRemoteManagementPort: 22
zimbraRemoteManagementPrivateKeyPath: /opt/zimbra/.ssh/zimbra_identity
zimbraRemoteManagementUser: zimbra
I followed the steps in
Mail Queue Monitoring - Zimbra :: Wiki to regenerate the keys, and also tried unlocking the Zimbra user. Of course, on one server at a different client (running 5.0.4), this worked perfectly; on this one, I get this when I check the verbose output for ssh:
Code:
ssh -i .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@server.domain.com -p 22
...which yields:
Code:
Warning: Identity file .ssh/zimbra_identity not accessible: No such file or directory.
zimbra@mail.domain.com's password:
No amount of regenerating keys or unlocking the zimbra user changes this, and I'm stuck with the original error in the admin console.
I haven't tried fixing permissions. Beyond that, what are my next steps?
Of interest, I can log-in to the Ubuntu box as root, and su - zimbra, but I can't su - root when I am zimbra--it says "Sorry." But I can logout back to the root user and continue as normal. This is also weird compared to the other box I normally work with.
I need to upgrade this server to 5.0.6 in a few days, and I'm nervous that this is just the tip of an icky iceberg--I'd like to make sure all is working as advertised before I dive in to the upgrade!
Thank you as always for all your excellent help!