Results 1 to 3 of 3

Thread: [SOLVED] Untrusted Certificate Error

  1. #1
    RthuR is offline Intermediate Member
    Join Date
    May 2011
    Location
    Paris, France
    Posts
    21
    Rep Power
    3

    Post [SOLVED] Untrusted Certificate Error

    Hello,

    First I'd like to thank everybody here for the wonderfull product that is Zimbra.

    I am running Zimbra Opensource 7.1.0 GA on Centos 5.6 x64. After blundering through the install process, I hit a couple of hicups but nothing the wiki couldn't help me with. Everything is now working except for my mail relay which is smtp.googlemail.com

    I ran the following commands to set smtp.googlemail.com as a mail relay: (PASSWORD was replaced with the correct password to the account)

    Code:
    zmprov ms mail.sensero.org zimbraMtaRelayHost smtp.googlemail.com:587
    echo smtp.googlemail.com sensero.org@gmail.com:PASSWORD > /opt/zimbra/conf/relay_password
    postmap hash:/opt/zimbra/conf/relay_password
    postmap -q smtp.googlemail.com /opt/zimbra/conf/relay_password
    postconf -e smtp_sasl_password_maps=hash:/opt/zimbra/conf/relay_password
    postconf -e smtp_sasl_auth_enable=yes
    postconf -e smtp_cname_overrides_servername=no
    postfix reload
    postconf -e smtp_use_tls=yes
    postconf -e smtp_tls_security_level=may
    postfix reload
    zmlocalconfig -e postfix_smtp_sasl_password_maps=hash:/opt/zimbra/conf/relay_password
    zmlocalconfig -e postfix_smtp_sasl_security_options=noanonymous
    zmlocalconfig -e postfix_smtp_use_tls=yes
    zmlocalconfig -e postfix_smtp_cname_overrides_servername=no
    zmcontrol restart
    But my mails were deffered due to "sasl authentication failed..." By running:

    Code:
    debug_eer_list=smtphm.sympatico.ca
    debug_peer_level=3
    I log the following error messages:

    Code:
    May 17 20:39:02 mail postfix/qmgr[18048]: AA0A616407F0: from=<arthur@sensero.org>, size=2763, nrcpt=1 (queue active)
    
    May 17 20:39:02 mail postfix/smtp[20618]: certificate verification failed for smtp.googlemail.com[209.85.229.16]:587: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
    
    May 17 20:39:02 mail postfix/smtp[20618]: warning: SASL authentication failure: No worthy mechs found
    
    May 17 20:39:02 mail postfix/smtp[20618]: AA0A616407F0: to=<XXX@XXX.com>, relay=smtp.googlemail.com[209.85.229.16]:587, delay=0.62, delays=0.35/0.04/0.22/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.googlemail.com[209.85.229.16]: no mechanism available)
    So far I have found that google does not require plaintext authentication, that my /etc/hosts file is correct and that my split DNS functions correctly.

    From what I have read, I need to append the Equifax certificate to my cacert.pem file, ecept I cannot find this. I have tried using postconf -e postfix_smtp_tls_CAfile= and set it to a file that contained the Equifax security certificate but that hasnt worked...

    Any help would greatly be appreciated!

    Arthur

  2. #2
    RthuR is offline Intermediate Member
    Join Date
    May 2011
    Location
    Paris, France
    Posts
    21
    Rep Power
    3

    Default

    Does no one know the answer to this? Please help!
    Last edited by RthuR; 05-20-2011 at 07:46 AM.

  3. #3
    RthuR is offline Intermediate Member
    Join Date
    May 2011
    Location
    Paris, France
    Posts
    21
    Rep Power
    3

    Default

    EDIT: Nevermind, the problem apparently wasnt the certificate but the authentication mechanism which was set to no plain text.
    Changing it to only noanonymous solved the issue.
    See this link: http://wiki.zimbra.com/wiki/Outgoing...roubleshooting
    Last edited by RthuR; 06-05-2011 at 08:44 AM. Reason: Solved

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 5
    Last Post: 05-11-2012, 02:16 PM
  2. [SOLVED] I broke my server trying to optimize... HELP!
    By myriad in forum Administrators
    Replies: 9
    Last Post: 09-17-2011, 06:46 AM
  3. Replies: 6
    Last Post: 03-14-2011, 04:21 AM
  4. [SOLVED] New zcs 7 install : database errors founds
    By dkbk in forum Administrators
    Replies: 4
    Last Post: 03-01-2011, 06:49 AM
  5. Zimbra fails after working for 2 weeks
    By Linsys in forum Administrators
    Replies: 10
    Last Post: 10-07-2008, 12:42 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •