Results 1 to 8 of 8

Thread: disabling ssl?

  1. #1
    seravitae is offline Intermediate Member
    Join Date
    Mar 2007
    Posts
    21
    Rep Power
    8

    Default disabling ssl?

    Hey there, is there a way to disable SSL? I keep getting errors in the administration console when accessing MTA and other settings which I believe is because i dont have a certificate. I will not ever be getting a commercial certificate and the wiki didn't really explain how to get around this. Im not really interested in SSL as all users will communicate through a secure vpn anyways.

    Any ideas?

    Errors obtained:
    ----------------------------
    (1) The server's name "10.1.1.10" does not match the certificate's name "lina.seravitae.com". Somebody may be trying to eavesdrop on you.
    (2) The certificate for "lina.seravitae.com" is signed by the unknown Certificate Authority "lina.seravitae.com". It is not possible to verify that this is a valid certificate.

    Server error encountered: Message: system failure: server lina.seravitae.com zimbraRemoteManagementPrivateKeyPath (/opt/zimbra/.ssh/zimbra_identity) does not exists Error code: service.FAILURE Method: GetServerNIfsRequest Details:soap:Receiver

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,491
    Rep Power
    56

    Default

    You can't disable SSL, try recreating the certificates.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    seravitae is offline Intermediate Member
    Join Date
    Mar 2007
    Posts
    21
    Rep Power
    8

    Default

    Hi bill, thanks for the response. I was/am following the guide and get up to this step with an interesting response:


    zimbra@lina:~$ keytool -delete -alias jetty -keystore /opt/zimbra/mailboxd/etc/keystore -storepass zimbra
    keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect


    not sure what to do here. seeing as i never had a certificate of any kind (new install) i attempted the "Single-Node Self-Signed Certificate" example in the wiki, which went smoothly and apparently generated a self-signed certificate. However i still get an invalid certificate error in firefox, and the original very long error still shows up in the admin console when i try to navigate anything important. also certificates as an option isnt shown there. (shouldnt it be?)

    thanks so far.

  4. #4
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Code:
    su - zimbra
    zmcontrol -v

  5. #5
    seravitae is offline Intermediate Member
    Join Date
    Mar 2007
    Posts
    21
    Rep Power
    8

    Default

    Release 5.0.11_GA_2695.UBUNTU8 UBUNTU8 FOSS edition

  6. #6
    brian is offline Project Contributor
    Join Date
    Jul 2006
    Posts
    623
    Rep Power
    10

    Default

    This guide is probably more appropriate. http://wiki.zimbra.com/index.php?tit...ed_Certificate
    Bugzilla - Wiki - Downloads - Before posting... Search!

  7. #7
    seravitae is offline Intermediate Member
    Join Date
    Mar 2007
    Posts
    21
    Rep Power
    8

    Default

    yes, that is the one i was referring to that i followed.

    evidence:
    ------------------------------
    root@lina:/opt/zimbra/bin# ./zmcertmgr viewdeployedcrt
    ::service mta::
    notBefore=Feb 23 09:40:02 2009 GMT
    notAfter=Feb 23 09:40:02 2010 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=lina.seravitae.com
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=lina.seravitae.com
    SubjectAltName=
    ::service proxy::
    notBefore=Feb 23 09:40:02 2009 GMT
    notAfter=Feb 23 09:40:02 2010 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=lina.seravitae.com
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=lina.seravitae.com
    SubjectAltName=
    ::service mailboxd::
    notBefore=Feb 23 09:40:02 2009 GMT
    notAfter=Feb 23 09:40:02 2010 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=lina.seravitae.com
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=lina.seravitae.com
    SubjectAltName=
    ::service ldap::
    notBefore=Feb 23 09:40:02 2009 GMT
    notAfter=Feb 23 09:40:02 2010 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=lina.seravitae.com
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=lina.seravitae.com
    SubjectAltName=
    --------------------------------------


    unfortunately still getting the same error

    i should say at this point also, if it helps, that the self-signed certificate is used because i am doing a small intranet zimbra platform, using split-horizon dns.
    Last edited by seravitae; 02-24-2009 at 04:47 AM.

  8. #8
    seravitae is offline Intermediate Member
    Join Date
    Mar 2007
    Posts
    21
    Rep Power
    8

    Default

    sorry to bump the thread but i have not discovered anything further about this problem. the self-signed cert is apparently installed, im not sure what else to try.

    if anyone can shed any light i'd appreciate it! i think the slightly misleading title may cause people to not read the thread. is it worth me waiting and posting a fresh thread, or somehow editing the name of this one?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Note on creating SSL certs in opensource zimbra
    By pheonix1t in forum Administrators
    Replies: 2
    Last Post: 01-17-2009, 08:10 AM
  2. Disable SSL on the Admin Port 7071
    By rasputin in forum Installation
    Replies: 2
    Last Post: 04-06-2008, 03:29 AM
  3. Replies: 1
    Last Post: 01-02-2008, 09:31 PM
  4. Disabling SSL 2.0
    By cscott in forum Administrators
    Replies: 0
    Last Post: 06-25-2007, 04:37 PM
  5. Help with tomcat ssl errors...
    By sgtstadanko in forum Administrators
    Replies: 4
    Last Post: 03-19-2007, 09:13 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •