ZimbraSSLPrivateKey failed after deploying certs

**vtx624** · 10-13-2009, 02:53 PM

Zimbra,

I get this message when I try to deploy one of my certs

**Saving server config key zimbraSSLPrivateKey…failed.

How do I go about resolving this issue.

Code:

** Verifying /opt/tmp/new_cert2009/test_cert/ssl.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (/opt/tmp/new_cert2009/test_cert/ssl.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: /opt/tmp/new_cert2009/test_cert/ssl.crt: OK
** Copying /opt/tmp/new_cert2009/test_cert/ssl.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Appending ca chain /opt/tmp/new_cert2009/test_cert/ca.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Saving server config key zimbraSSLCertificate...done.
** Saving server config key zimbraSSLPrivateKey...failed.
** Installing mta certificate and key...done.
** Installing slapd certificate and key...done.
** Installing proxy certificate and key...done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
** Installing CA to /opt/zimbra/conf/ca...done.

By the way I'm using startssl certs

Any help would be appreciated

**vtx624** · 10-13-2009, 06:08 PM

I've search around the forums and People have provided this information.

I am also using a DRBD and heartbeat setup. I have not restarted yet in fear that zimbra won't start.

Does anyone have a clue?

Thanks

Here is my vi/etc/hosts

Code:

127.0.0.1       localhost.localdomain localhost
10.1.200.62     mail-1.example.com        mail-1
10.1.200.57     mail-2.example.com        mail-2
10.1.200.62     mail.example.com          mail

hostname `hostname`

Code:

mail-1.example.com has address 10.1.200.62

dig

Code:

; <<>> DiG 9.3.4-P1.1 <<>> mx example.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12500
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;example.com.             IN      MX

;; ANSWER SECTION:
example.com.      2592000 IN      MX      10 mail.example.com.

;; AUTHORITY SECTION:
example.com.      2592000 IN      NS      mail-2.example.com.

;; ADDITIONAL SECTION:
mail.example.com. 2592000 IN      A       10.1.200.13


;; Query time: 0 msec
;; SERVER: 10.1.200.57#53(10.1.200.57)
;; WHEN: Tue Oct 13 18:05:37 2009
;; MSG SIZE  rcvd: 133

**vtx624** · 10-13-2009, 07:46 PM

I have tried editing all both hosts and hostname with mail.vertextelecom on 10.1.200.62. I also changed the DNS entry to that. It did not not work.

**vtx624** · 10-14-2009, 02:54 PM

I have restarted the services and it seems to have come up just fine. Does anyone know what services are affected by the zimbraSSLPrivatekey.

Thanks

**markd** · 10-28-2009, 12:22 PM

Have similar situation.

Saving server config key zimbraSSLCertificate...failed.
Saving server config key zimbraSSLPrivateKey...failed.

Note, I was deploying the certs while zimbra was not running,
does that have any effect.

After starting zimbra, so no errors. Admin console for certificates
appears to show everything correct. I don't see any immediate
side effects, yet.

Zimbra

Thread: ZimbraSSLPrivateKey failed after deploying certs

LinkBack

Thread Tools

Search Thread

Display

ZimbraSSLPrivateKey failed after deploying certs

same error but works

Thread Information

Users Browsing this Thread

Similar Threads

[SOLVED] Zimbra logwatch.

Help!!! Moving ZCS does not work!

Problem with Mail Server - Need help!

My Zimbra server down ... please help :)

Lotus migration

Posting Permissions