[SOLVED] Transfer SSL certificates between servers

I was following this guide Transfer SSL certificates between servers - Zimbra :: Wiki on how to transfer certificate between servers.
Am transferring from 5.0.2x to 6.0.4.

After running this command ./zmcertmgr deploycrt comm, I get this:

Code:

root@mail:/opt/zimbra/bin# ./zmcertmgr deploycrt comm /sslbk/zimbra/commercial/commercial.crt //sslbk/ssl/zimbra/commercial/commercial_ca.crt ** Verifying /sslbk/ssl/zimbra/commercial/commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key Certificate (/sslbk/ssl/zimbra/commercial/commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match. Valid Certificate: /sslbk/ssl/zimbra/commercial/commercial.crt: OK ** Copying /sslbk/ssl/zimbra/commercial/commercial.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt ** Appending ca chain //sslbk/ssl/zimbra/commercial/commercial_ca.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt ** Saving server config key zimbraSSLCertificate...failed. ** Saving server config key zimbraSSLPrivateKey...failed. ** Installing mta certificate and key...done. ** Installing slapd certificate and key...done. ** Installing proxy certificate and key...done. ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done. ** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done. ** Installing CA to /opt/zimbra/conf/ca...done.

After this, I ran the command zmcontrol start and got this:

Code:

zimbra@mail:~$ zmcontrol start Host mail.nhagman.info Starting ldap...Done. Unable to determine enabled services from ldap. Enabled services read from cache. Service list may be inaccurate. Starting logger...Failed. Starting logswatch...ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target) zimbra logger service is not enabled! failed. Starting mailbox...Done. Starting antispam...Done. Starting antivirus...Done. Starting snmp...Done. Starting spell...Done. Starting mta...Done. Starting stats...Done.

I also restarted my machine and run the command zmcontrol status and got this:

Code:

zimbra@mail:~$ zmcontrol status Unable to determine enabled services from ldap. Enabled services read from cache. Service list may be inaccurate. Host mail.nhagman.info antispam Running antivirus Running ldap Running logger Stopped zmlogswatchctl is not running mailbox Stopped zmmailboxdctl is not running. mta Running snmp Running spell Running stats Running

Please advice.

After running this code, it started to work.

Code:

/opt/zimbra/java/bin/keytool -import -alias new -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /sslbk/zimbra/commercial/commercial.crt

I got the solution from another thread. Can someone please explain -storepass changeit, because I did not change it..
Anyway, the wiki guide is probably incorrect for zimbra 6.0.x.

Quote:

Originally Posted by Blinkiz

Can someone please explain -storepass changeit, because I did not change it...

keytool "-storepass changeit " manpage - Google Search

Quote:

Originally Posted by Blinkiz

phoenix, try to be polite for ones and try to help out without pressing the asking person down..
Zimbra forum should be a nice collection of help topics about anything related to Zimbra. Giving me a link to google saying "learn tomcat", is not the way.

I don't really understand what you're talking about I never mentioned 'learn tomcat'. :confused:

You asked for an explanation of what 'changeit' was, did the second item in the search not answer your question? If providing you with the answer isn't polite enough for you then I'll leave you to find it yourself in future.