Results 1 to 8 of 8

Thread: Issue creating Self-Signed Certificate

  1. #1
    jtran is offline Starter Member
    Join Date
    Sep 2010
    Location
    Toronto
    Posts
    1
    Rep Power
    4

    Default Issue creating Self-Signed Certificate

    Requesting help regarding logger not starting up (timestamp check failed)

    zmcontrol -v
    Release 6.0.5_GA_2213.RHEL5_20100202220948 CentOS5 FOSS edition.

    zmcontrol status
    antispam Running
    antivirus Running
    ldap Running
    logger Stopped
    zmlogswatchctl is not running
    mailbox Stopped
    zmmailboxdctl is not running.
    mta Running
    snmp Running
    spell Running
    stats Stopped

    zmcontrol start
    Unable to determine enabled services from ldap.
    Enabled services read from cache. Service list may be inaccurate.
    Starting logger...Failed.
    Starting logswatch...ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed)
    zimbra logger service is not enabled! failed.
    Starting mailbox...Done.
    Starting antispam...Done.
    Starting antivirus...Done.
    Starting snmp...Done.
    Starting spell...Done.
    Starting mta...Done.
    Starting stats...Done.

    Verified DNS and everything is working fine.

    Tried recreating self-signed certificate, but errors with the following:

    ./zmcertmgr createca -new
    ** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf...done
    ** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key...done.
    ** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem...done.

    ./zmcertmgr createcrt -new -days 365
    Validation days: 365
    ** Creating /opt/zimbra/conf/zmssl.cnf...done
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20100910112948
    ** Generating a server csr for download self -new -keysize 1024
    ** Creating /opt/zimbra/conf/zmssl.cnf...done
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20100910112948
    ** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
    ** Saving server config key zimbraSSLPrivateKey...failed.
    ** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.

    ./zmcertmgr deploycrt self
    ** Saving server config key zimbraSSLCertificate...failed.
    ** Saving server config key zimbraSSLPrivateKey...failed.
    ** Installing mta certificate and key...done.
    ** Installing slapd certificate and key...done.
    ** Installing proxy certificate and key...done.
    ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
    ** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.

    Any help is appreciated, Thank You in advance

  2. #2
    Filly is offline Junior Member
    Join Date
    May 2009
    Posts
    7
    Rep Power
    6

    Default

    exactly the same her ... my zimbra is not working at all now, please help

    i'm on debian 64 bit, 6.0.4 currenty installed. update to 6.0.8 did not work either

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,580
    Rep Power
    57

    Default

    Quote Originally Posted by Filly View Post
    exactly the same her ... my zimbra is not working at all now, please help

    i'm on debian 64 bit, 6.0.4 currenty installed. update to 6.0.8 did not work either
    Instead of posting a 'me too' which tells us nothing it would be helpful if you actually gave some details of what the problem is - with complete steps to reproduce it or the exact steps you've taken to get yourself in this position. Did you also search the forums for information on how to install a certificate? You should also check the log files and see if there's any relevant information in there.

    According to the original posters information it says that the logger service isn't enabled, is that the case in your error messages? Check the status of the enabled servcies with the following:

    Code:
    zmprov gs `zmhostname` | grep zimbraServiceEnabled
    Use that command exactly as you see it with backticks not single quotes and do not change the word hostname to anything else.

    To save us having to ask you each time you post you should also update your forum profile with the output of the following command (do not post the output in this thread):

    Code:
    zmcontrol -v
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    controloye is offline Starter Member
    Join Date
    Dec 2010
    Posts
    1
    Rep Power
    4

    Default logger not starting up (timestamp check failed)

    I had the same problem and follwoing worked for me.
    I am glad my server is up now.
    Thanks for your tips.

    ./zmcertmgr createcrt -new -days 365

    ./zmcertmgr deploycrt self

  5. #5
    morgab is offline Junior Member
    Join Date
    Mar 2010
    Posts
    6
    Rep Power
    5

    Default Permission denied

    Quote Originally Posted by controloye View Post
    I had the same problem and follwoing worked for me.
    I am glad my server is up now.
    Thanks for your tips.

    ./zmcertmgr createcrt -new -days 365

    ./zmcertmgr deploycrt self
    Hi!

    When I try to run this command, I get "./zmcertmgr: Permission denied"
    I guess there's a simple solution, but what is it? I am supposedly running as a super user named zimbra.
    Thanks

  6. #6
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,580
    Rep Power
    57

    Default

    Quote Originally Posted by morgab View Post
    When I try to run this command, I get "./zmcertmgr: Permission denied"
    I guess there's a simple solution, but what is it? I am supposedly running as a super user named zimbra.
    Details for using that command are here: Administration Console and CLI Certificate Tools - Zimbra :: Wiki BTW, there is no "super user" named zimbra, that's a 'normal' linux user.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #7
    morgab is offline Junior Member
    Join Date
    Mar 2010
    Posts
    6
    Rep Power
    5

    Default

    Quote Originally Posted by phoenix View Post
    Details for using that command are here: Administration Console and CLI Certificate Tools - Zimbra :: Wiki BTW, there is no "super user" named zimbra, that's a 'normal' linux user.
    Yeah, you're right

    I just read the article and successfully ran commands to renew the certificate.
    Thanks anyway!

    Btw. I also ran these commands prior to the zmcertmgr commands, to "clean up" the permissions:

    > chown -R zimbra:zimbra /opt/zimbra
    > /opt/zimbra/libexec/zmfixperms -verbose

  8. #8
    kasunmaduraeng is offline Starter Member
    Join Date
    Apr 2013
    Posts
    1
    Rep Power
    2

    Default KasunR reply

    HI all,

    login with root and run as following

    root@mail:/opt/zimbra/bin# ./zmcertmgr createcrt -new -days 365

    then its work well


    Kasun Madura Rathnayaka

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 2
    Last Post: 11-03-2009, 03:12 AM
  2. 4.0.4 to 4.5.6 upgrade failed in network edition
    By chenthil in forum Administrators
    Replies: 1
    Last Post: 08-27-2007, 09:36 AM
  3. [SOLVED] Simple backup question...
    By dameron in forum Administrators
    Replies: 3
    Last Post: 08-25-2007, 09:36 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •