Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page Accessing external accounts from Zimbra

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 05-08-2011, 10:19 AM
Intermediate Member
  
Posts: 18
Default Accessing external accounts from Zimbra
Hi there,

I came across a problem that when a user tries to add an external account with SSL IMAP connection in his Preferences - Accounts settings, the connection test fails with some cryptic message. In the mailbox.log I found more hints:
Code:
...
Code:service.FAILURE
        at com.zimbra.common.service.ServiceException.FAILURE(ServiceException.java:248)
...
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: [the remote server cert info]
...
Caused by: java.security.cert.CertificateException: [the remote server cert info]
        at com.zimbra.common.net.CustomTrustManager.checkServerTrusted(CustomTrustManager.java:90)
...
Looks like the remote server's cert is considered untrusted and the connection fails. The server uses a cert signed by a custom in-house CA. Is there a way to import this CA cert somewhere into Zimbra so it would consider this SSL IMAP connection trusted? Or (less prefered) is there a way to disable certificate validation for these types of connections?

Thank you for any replies. Have a nice day.
Reply With Quote
  #2 (permalink)  
Old 05-08-2011, 11:35 AM
Advanced Member
  
Posts: 222
Default
If remote server FORCES SSL, then I hope someone will help you with the part of the question about importing cert to Zimbra. But if remote server does not force SSL, you may try without checking "SSL" option under external account and click on "Test".
Reply With Quote
  #3 (permalink)  
Old 05-08-2011, 12:46 PM
Intermediate Member
  
Posts: 18
Default
Hi Labsy,
thanks for the tip, the server could accept a connection without SSL but it would go through the Internet and I'd rather not send my passwords unsecured.
Reply With Quote
  #4 (permalink)  
Old 05-10-2011, 06:26 AM
Intermediate Member
  
Posts: 18
Unhappy Zimbra SSL problem
This seems to be a general Zimbra SSL problem. It also affects the migration wizard in the admin console, when I try to migrate from "generic IMAP server", in the mailbox log I see the same errors about invalid certificate and the migration fails

Is there any way to solve this? i.e. make Zimbra accept the SSL certificate of the remote IMAP server?
Reply With Quote
  #5 (permalink)  
Old 05-10-2011, 03:07 PM
Starter Member
  
Posts: 1
Default
I have exactly the same problem under the 7.1.0 Release. I tried to set the data_source_trust_self_signed_certs entry to true via zmlocalconfig as said elsewhere but nothing happens, even if I restart the server.

Is this a known bug and are some people working on it ?
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.