web interface with ssl
Our new client required web interface with ssl. I have tested zmtlsctl https
on our test zimbra server ( zcs 5.0.13 ) and it worked fine. ( http://<hostname>:80/zimbra to https://<hostname>/zimbra )
But when i ran zmtlsctl https on staging zimbra server its giving "page can not be display" this server is running with 8100 port.
http://<hostname>:8100/zimbra working fine. But not working with https.
Before testing it on production i have to make it work on staging.
One more thing ..our production zimbra server is behind the firewall so for testing purpose we put the ssl sertificate on load balancer ( F 5) for zimbra web interface then we were able to open the page with https://<hostname>:8100/zimbra with login page but when we put the login credential it was going to https://<hostname>:8100/zimbra/auth and getting stuck there only with message "page can not be found" and while this we are getting logs of login authentication confirmation in zimbra audit log.
Please suggest....do we need to redirect port from 8100 to 80 on external apache server ?
after using zmtlsctl https , we are able to access https://domainname/zimbra internet but performance is very poor. instead of using in this we want to access web clinet interface with ssl by installing commercial ssl on our load balancer ( F5). And during testing when we use above mentioned url by installing ssl on f5 then we are able to get main page but once we put the login credential its going back to http and as per logs it lost the communication from f5 and its only taking pages from external apache...
pls suggest how to fix this issue....
and one more thing i couldnt find tomcat configuration in zcs 5...and there is no executable to run tomcat service which was avalible on old zcs versions...pls let me know where can i get tomcat config in zcs 5.0.13
ZCS5 now uses Jetty instead of Tomcat.
Hi! How can i get this fix ?
Usually when you've got it behind a load balancer like that, you can have Zimbra in http mode and have the load balancer just use http to talk to Zimbra. I haven't used F5 myself, but I know both Netscaler and Zeus/Stingray can do SSL offloading, so I'd be very surprised if F5 can't.
We have our commercial certificate in our Zeus/Stingray load balancer and have it decrypt the traffic before sending to the zimbra proxies.