Quote:
Originally Posted by soxfan  You probably want to look at maillog and messages in /var/log and mailbox.log in /opt/zimbra/log.
Just a guess but I'm thinking your problem may have to do with expired self-signed certificates. |
cat /opt/zimbra/log/mailbox.log
--------------------------------------------------------------------------------------
com.zimbra.common.service.ServiceException: system failure: ZimbraLdapContext
ExceptionId:ImapServer-7711:1286933660297:2e70a68b7c8038dd
Code:service.FAILURE
at com.zimbra.common.service.ServiceException.FAILURE (ServiceException.java:251)
at com.zimbra.cs.account.ldap.ZimbraLdapContext.<init >(ZimbraLdapContext.java:352)
at com.zimbra.cs.account.ldap.ZimbraLdapContext.<init >(ZimbraLdapContext.java:321)
at com.zimbra.cs.account.ldap.ZimbraLdapContext.<init >(ZimbraLdapContext.java:314)
at com.zimbra.cs.account.ldap.LdapProvisioning.getSer verByName(LdapProvisioning.java:2507)
at com.zimbra.cs.account.ldap.LdapProvisioning.getSer verByNameInternal(LdapProvisioning.java:2496)
at com.zimbra.cs.account.ldap.LdapProvisioning.getLoc alServer(LdapProvisioning.java:3106)
at com.zimbra.cs.imap.ImapConfig.allowCleartextLogins (ImapConfig.java:147)
at com.zimbra.cs.imap.ImapHandler.allowCleartextLogin s(ImapHandler.java:1115)
at com.zimbra.cs.imap.ImapHandler.doLOGIN(ImapHandler .java:1122)
at com.zimbra.cs.imap.ImapHandler.executeRequest(Imap Handler.java:456)
at com.zimbra.cs.imap.TcpImapHandler.processCommand(T cpImapHandler.java:101)
at com.zimbra.cs.tcpserver.ProtocolHandler.processCon nection(ProtocolHandler.java:175)
at com.zimbra.cs.tcpserver.ProtocolHandler.run(Protoc olHandler.java:132)
at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Wo rker.run(Unknown Source)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
at com.sun.net.ssl.internal.ssl.Alerts.getSSLExceptio n(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(S SLSocketImpl.java:1611)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Ha ndshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Ha ndshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(ClientHandshaker.java:1035)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.proc essMessage(ClientHandshaker.java:124)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoo p(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_re cord(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRec ord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.perform InitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHa ndshake(SSLSocketImpl.java:1139)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHa ndshake(SSLSocketImpl.java:1123)
at com.sun.jndi.ldap.ext.StartTlsResponseImpl.startHa ndshake(StartTlsResponseImpl.java:344)
at com.sun.jndi.ldap.ext.StartTlsResponseImpl.negotia te(StartTlsResponseImpl.java:208)
at com.sun.jndi.ldap.ext.StartTlsResponseImpl.negotia te(StartTlsResponseImpl.java:161)
at com.zimbra.cs.account.ldap.ZimbraLdapContext.tlsNe gotiate(ZimbraLdapContext.java:307)
at com.zimbra.cs.account.ldap.ZimbraLdapContext.<init >(ZimbraLdapContext.java:341)
... 14 more
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed
at sun.security.validator.PKIXValidator.doValidate(PK IXValidator.java:251)
at sun.security.validator.PKIXValidator.doValidate(PK IXValidator.java:234)
at sun.security.validator.PKIXValidator.engineValidat e(PKIXValidator.java:158)
at sun.security.validator.Validator.validate(Validato r.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl. checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serv erCertificate(ClientHandshaker.java:1014)
... 26 more
Caused by: java.security.cert.CertPathValidatorException: timestamp check failed
at sun.security.provider.certpath.PKIXMasterCertPathV alidator.validate(PKIXMasterCertPathValidator.java :139)
at sun.security.provider.certpath.PKIXCertPathValidat or.doValidate(PKIXCertPathValidator.java:326)
at sun.security.provider.certpath.PKIXCertPathValidat or.engineValidate(PKIXCertPathValidator.java:178)
at java.security.cert.CertPathValidator.validate(Cert PathValidator.java:250)
at sun.security.validator.PKIXValidator.doValidate(PK IXValidator.java:246)
... 33 more
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Wed Oct 13 01:43:41 HKT 2010
at sun.security.x509.CertificateValidity.valid(Certif icateValidity.java:256)
at sun.security.x509.X509CertImpl.checkValidity(X509C ertImpl.java:570)
at sun.security.provider.certpath.BasicChecker.verify Timestamp(BasicChecker.java:157)
at sun.security.provider.certpath.BasicChecker.check( BasicChecker.java:109)
at sun.security.provider.certpath.PKIXMasterCertPathV alidator.validate(PKIXMasterCertPathValidator.java :117)
... 37 more
2010-10-13 09:34:20,381 INFO [ImapServer-7711] [] ProtocolHandler - Handler exiting normally
2010-10-13 09:35:02,365 INFO [Shutdown] [] log - Shutdown hook executing
--------------------------------------------------------------------------------------
How can i fix with with expired self-signed certificates problem?
Many thanks.
Bugzilla
Wiki
Source
Unable to determine enabled services from ldap. 
Linear Mode
