After doing a clean install of zimbra and following the howto about installing a preexisting certifcate(link) ldap won't start. I'll try to give as much information as possible to hopefully solve my problem.
I know that some of this information may be irrelevant but i dint know what to leave out
The installation is on a VM(Xen) with 512Mb ram, installed on mail.example.com. With bind9 locally.
Zone file example.com
Due to the limitation of hardware i chose to turn off services i didn't need such as AV, spam, logger, stats and snmp following this guide
@ IN SOA ns.example.com. admin.example.com. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
@ IN NS ns
ns IN A 127.0.0.1
@ IN A 127.0.0.1
@ IN MX 10 mail
mail IN MX 10 mail
mail IN A 127.0.0.1
After checking that my installation actually worked, i continued to install my certificate following the guide blindly. Certificates are supplied by startcom and are valid for mail.example.com and example.com. Only changing the certificates in the chain from the ones from startcom
I followed the guide and no errors occurred during installation, until restarting zimbra.
cat ca.pem >> ca_bundle.crt
cat sub.class1.server.ca.pem >> ca_bundle.crt
When restarting zimbra, output is as following
And /var/log/zimbra.log (rest of the log is attached)
Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
After searching google for a generic non-zimbra-specific solution it seems the my certificate isn't valid for my domain? source, this didn't help me either.
Jan 30 13:31:13 mail zimbramon: 2595:info: zmmtaconfig: Skipping All Memcached Servers update.
Jan 30 13:31:13 mail zimbramon: 2595:info: zmmtaconfig: Skipping getAllMemcachedServers ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
So hopefully someone see where i went wrong and know how i can fix this. I have been reading around the forum a bit, and even thou threads are marked as solved, none helped me.
And more information can be delivered if needed.