Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page [SOLVED] No working TLS (SSL) after upgrade to 7.0.0

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 02-20-2011, 04:58 AM
Senior Member
  
Posts: 55
Default [SOLVED] No working TLS (SSL) after upgrade to 7.0.0
Am having problem getting SSTMP (TLS port 465) to work after upgrade from 6.0.10 to 7.0.0. Ubuntu 10.04 system, 64 bit.
Webgui https work, certs seems to be nicely installed according to zimbra admin gui.

When trying to connect from localhost, I get this:
Code:
=== Trying localhost:465...
=== Connected to localhost.
*** TLS startup failed (error:00000000:lib(0):func(0):reason(0))
Zimbra.log tells me:
Code:
Feb 20 13:52:08 mail postfix/smtpd[30046]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Feb 20 13:52:08 mail postfix/smtpd[30046]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Feb 20 13:52:08 mail postfix/smtpd[30046]: warning: No server certs available. TLS won't be enabled
Feb 20 13:52:08 mail postfix/smtpd[30046]: warning: No server certs available. TLS won't be enabled
So I guess the upgrade lost my certs. Lets reinstall:
Code:
root@mail:/tmp# /opt/zimbra/bin/zmcertmgr deploycrt comm commercial.crt commercial_ca.crt 
** Verifying commercial.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (commercial.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: commercial.crt: OK
** Copying commercial.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Appending ca chain commercial_ca.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Importing certificate /opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt to CACERTS as zcs-user-commercial_ca...done.
** NOTE: mailboxd must be restarted in order to use the imported certificate.
** Saving server config key zimbraSSLCertificate...done.
** Saving server config key zimbraSSLPrivateKey...done.
** Installing mta certificate and key...done.
** Installing slapd certificate and key...done.
** Installing proxy certificate and key...done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
** Installing CA to /opt/zimbra/conf/ca...done.
After restart of zimbra, still the same error.
Please advice.
Reply With Quote
  #2 (permalink)  
Old 02-20-2011, 05:00 AM
Zimbra Consultant & Moderator
  
Posts: 20,314
Default
Quote:
Originally Posted by Blinkiz View Post
Am having problem getting SSTMP (TLS port 465) to work after upgrade from 6.0.10 to 7.0.0.
Use port 587, it's the correct Submission port (you'll also need to authenticate using that port).
__________________
Regards


Bill
Reply With Quote
  #3 (permalink)  
Old 02-20-2011, 05:07 AM
Senior Member
  
Posts: 55
Default
I can see that my postfix main.cf is empty after upgrade to 7.0.0.
Searched this forum and found a bunch of other people having the same problem.

So my problem is not with TLS, is because of a empty main.cf. I though it was strange I did not get any mails
Luckily, this was just my home server.
http://www.zimbra.com/forums/install...ual-hosts.html
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.