[SOLVED] No working TLS (SSL) after upgrade to 7.0.0

**Blinkiz** · 02-20-2011, 04:58 AM

Am having problem getting SSTMP (TLS port 465) to work after upgrade from 6.0.10 to 7.0.0. Ubuntu 10.04 system, 64 bit.
Webgui https work, certs seems to be nicely installed according to zimbra admin gui.

When trying to connect from localhost, I get this:

Code:

=== Trying localhost:465...
=== Connected to localhost.
*** TLS startup failed (error:00000000:lib(0):func(0):reason(0))

Zimbra.log tells me:

Code:

Feb 20 13:52:08 mail postfix/smtpd[30046]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Feb 20 13:52:08 mail postfix/smtpd[30046]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Feb 20 13:52:08 mail postfix/smtpd[30046]: warning: No server certs available. TLS won't be enabled
Feb 20 13:52:08 mail postfix/smtpd[30046]: warning: No server certs available. TLS won't be enabled

So I guess the upgrade lost my certs. Lets reinstall:

Code:

root@mail:/tmp# /opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt commercial_ca.crt 
** Verifying commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: commercial.crt: OK
** Copying commercial.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Appending ca chain commercial_ca.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Importing certificate /opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt to CACERTS as zcs-user-commercial_ca...done.
** NOTE: mailboxd must be restarted in order to use the imported certificate.
** Saving server config key zimbraSSLCertificate...done.
** Saving server config key zimbraSSLPrivateKey...done.
** Installing mta certificate and key...done.
** Installing slapd certificate and key...done.
** Installing proxy certificate and key...done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
** Installing CA to /opt/zimbra/conf/ca...done.

After restart of zimbra, still the same error.
Please advice.

**phoenix** · 02-20-2011, 05:00 AM

Originally Posted by Blinkiz

Am having problem getting SSTMP (TLS port 465) to work after upgrade from 6.0.10 to 7.0.0.

Use port 587, it's the correct Submission port (you'll also need to authenticate using that port).

**Blinkiz** · 02-20-2011, 05:07 AM

I can see that my postfix main.cf is empty after upgrade to 7.0.0.
Searched this forum and found a bunch of other people having the same problem.

So my problem is not with TLS, is because of a empty main.cf. I though it was strange I did not get any mails

Luckily, this was just my home server.
http://www.zimbra.com/forums/install...ual-hosts.html

Zimbra

Thread: [SOLVED] No working TLS (SSL) after upgrade to 7.0.0

LinkBack

Thread Tools

Search Thread

Display

[SOLVED] No working TLS (SSL) after upgrade to 7.0.0

Thread Information

Users Browsing this Thread

Similar Threads

Upgrade from 6.0.10 to 7 beta4

6.0.10 to 7.0.0 NetworkEdition Upgrade Problems

Damaged jetty SSL keystore after upgrade from 5.0.1 to 5.0.2

IMAP TLS Problems after upgrade to 4.5.3

Posting Permissions