https login and zmcertinstall
In attempting to get my self signed ssl certs functinonal for mail clients, i tried to recreate the certs using the instructions from this thead.
I've gone though and tried to reset my cert numberous times, but i still am unable to login via https. Below are the error messages from zimbra.log.
2006-02-22 18:30:40,282 FATAL [ImapSSLServer]  TcpServer/993 - accept loop failed
javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.c heckEnabledSuites(SSLServerSocketImpl.java:303)
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.a ccept(SSLServerSocketImpl.java:253)
at com.zimbra.cs.tcpserver.TcpServer.run(TcpServer.ja va:185)
Can anyone be of assistance to get my https logins working again? Thank you.
Additional data suggestions for wiki article
Could you provide a list of approved SSL certificate vendors in the wiki article, and instructions for installing commercial cert's provided by these vendors?
I wouldnt mind if you only had one or two official cert vendors, but some concrete guides on what type of cert to buy, and the process of adding the certs to both tomcat and the mta's would be very useful.
The place where this comes up is IMAP clients, like thunderbird, who get the certificate warning and are forced to accept the self-signed certificate that zimbra defaults to.
From a user training perspective, i'd rather not get the users used to hitting the accept button when those types of messages pop up.
Right now I ordered a cert for zimbra.mycompany.com from GeoTrust. It's a basic SSL webserver certificate. Installing on the MTA worked fine, but when trying to do the install to tomcat (zmcertinstall mailbox) things went very very wrong, and got the dreaded "firefox cannot communicate with zimbra.mycompany.com because we share no common encryption algorithms" message on the client side.