Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: TLS Errors after installing Thawte cert

  1. #1
    rogle is offline Active Member
    Join Date
    Feb 2009
    Location
    Pigeon Forge
    Posts
    28
    Rep Power
    6

    Default TLS Errors after installing Thawte cert

    I am attempting a new install of zimbra. I am new to the product.
    I was using a self generated cert until ready to go live, when I installed a cert from thawte.

    Prior to the install, the self-signed cert smtp worked fine, but couldn't get IE to trust the cert- thus purchasing one from thawte.

    Since installation, the browsers don't complain about the ssl, but email clients can't access smtp.

    Could postfix still be looking at the old cert somehow and puking on that? If so, how do I verify?

    Thank you for your patience.

  2. #2
    rogle is offline Active Member
    Join Date
    Feb 2009
    Location
    Pigeon Forge
    Posts
    28
    Rep Power
    6

    Default Still stuck

    I'm still stuck....I'm *not* trying to be smart here- does this mean that I'm the only person in the history of zimbra that has had trouble installing a third party cert?


  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Have you searched the forums or tried these instructions?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    rogle is offline Active Member
    Join Date
    Feb 2009
    Location
    Pigeon Forge
    Posts
    28
    Rep Power
    6

    Default Doesn't match the wizard

    well...I *thought* I did.

    I have since generated a new csr via the web ui and gotten thawte to generate a new cert.
    I copied the cert to notepad and saved as mycert.pem
    I go through the install cert wizard and it asks for a Certificate as well as a CA. It won't let me give it same file for both.

    So...where do I go from there?

  5. #5
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

  6. #6
    rogle is offline Active Member
    Join Date
    Feb 2009
    Location
    Pigeon Forge
    Posts
    28
    Rep Power
    6

    Default Progress!?

    OK...I got past the UI deal by the second post in this thread.
    [SOLVED] Commercial Certificate - Thawte - ZC5

    Whoo Hoo!!

    -----
    Now, slapd won't start.


    $ zmcontrol start
    Host <machine name>
    Starting ldap...Done.
    FAILED
    Failed to start slapd. Attempting debug start to determine error.
    TLS: error:0906D06C EM routines EM_read_bio:no start line pem_lib.c:647
    TLS: error:0906D06C EM routines EM_read_bio:no start line pem_lib.c:647
    TLS: error:02001002 ystem library:fopen:No such file or directory bss_file.c:356
    TLS: error:20074002:BIO routines:FILE_CTRL ystem lib bss_file.c:358
    main: TLS init def ctx failed: -1

  7. #7
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Which version of openssl do you have installed?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #8
    rogle is offline Active Member
    Join Date
    Feb 2009
    Location
    Pigeon Forge
    Posts
    28
    Rep Power
    6

    Default

    openssl 0.9.8i


    ...and THANK YOU for the quick responses!!!!!
    Last edited by rogle; 03-26-2009 at 09:29 AM. Reason: thanks

  9. #9
    rogle is offline Active Member
    Join Date
    Feb 2009
    Location
    Pigeon Forge
    Posts
    28
    Rep Power
    6

    Default new error

    sudo /opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/commercial.crt /tmp/commercial_ca.crt
    ** Verifying /tmp/commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
    Certificate (/tmp/commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
    Valid Certificate: /tmp/commercial.crt: OK
    ** Copying /tmp/commercial.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
    ** Appending ca chain /tmp/commercial_ca.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
    ** Saving server config key zimbraSSLCertificate...failed.
    ** Saving server config key zimbraSSLPrivateKey...failed.
    ** Installing mta certificate and key...done.
    ** Installing slapd certificate and key...done.
    ** Installing proxy certificate and key...done.
    ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
    ** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
    ** Installing CA to /opt/zimbra/conf/ca...done.

  10. #10
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Follow all the instructions in this post: [SOLVED] Commercial cert Thawte
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 5
    Last Post: 04-27-2009, 04:17 PM
  2. Replies: 8
    Last Post: 08-19-2008, 12:48 PM
  3. Installing Commercial Cert From Old Server
    By martin.beauchamp in forum Installation
    Replies: 1
    Last Post: 07-14-2008, 09:42 AM
  4. Replies: 4
    Last Post: 03-17-2008, 06:53 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •