Results 1 to 2 of 2

Thread: Server stopped working and can't create new сertificates

  1. #1
    mr.Trash is offline New Member
    Join Date
    Sep 2010
    Posts
    4
    Rep Power
    4

    Default Server stopped working and can't create new сertificates

    Need help
    It was found that the mail server (frebsd os) with zimbra 6.0.6 does not work
    As I understood the problem with certificates.
    Code:
    $zmcontrol start
    Host mail.my_real_domain.ru
    Unable to determine enabled services from ldap.
    Enabled services read from cache. Service list may be inaccurate.                                                                                                            
    Starting logger...Failed. Starting logswatch...ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed)                                                                                
    zimbra logger service is not enabled!  failed.                                                                                                                               
    Starting mailbox...Done.
    Starting memcached...Done.
    Starting imapproxy...Done.
    Starting antispam...Done.
    Starting antivirus...Done
    Starting snmp...Done.
    Starting spell...Done.
    Starting mta...Done
    Starting stats...Done.
    I read the instructions and try to create new certificates, but has a problem.
    already tried to do it any way, and don't understend
    Code:
    ** Retrieving CA private key from ldap...failed.                                                                                                                             
    ** Retrieving CA cert from ldap...failed.  
    ** Saving server config key zimbraSSLPrivateKey...failed.
    sequence of operations approximately this:
    as root.
    #rm -R /opt/zimbra/ssl/*
    zmcertmgr createca -new
    Code:
    ** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf...done                                                                                                                       
    ** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key...done.                                                                                                          
    ** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem...done.
    #zmcertmgr deploycrt self.
    Code:
    ** Saving server config key zimbraSSLCertificate...failed.. 
    ** Saving server config key zimbraSSLPrivateKey...failed..  
    ** Installing mta certificate and key...done..
    ** Installing slapd certificate and key...done.     
    ** Installing proxy certificate and key...done..     
    ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done..   
    ** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done..   
    ** Installing CA to /opt/zimbra/conf/ca...done..
    #zmcertmgr deployca.
    Code:
    ** Importing CA /opt/zimbra/ssl/zimbra/ca/ca.pem into CACERTS...done.. 
    ** Saving global config key zimbraCertAuthorityCertSelfSigned...failed..      
    ** Saving global config key zimbraCertAuthorityKeySelfSigned...failed..
    ** Copying CA to /opt/zimbra/conf/ca...done..
    #zmcertmgr viewdeployedcrt.
    Code:
    ::service mta::. 
    notBefore=May 20 05:16:54 2011 GMT.
    notAfter=May 19 05:16:54 2012 GMT. 
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.my_real_domain.ru 
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.my_real_domain.ru
    SubjectAltName=. 
    ::service proxy::.   
    notBefore=May 20 05:16:54 2011 GMT.
    notAfter=May 19 05:16:54 2012 GMT. 
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.my_real_domain.ru 
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.my_real_domain.ru
    SubjectAltName=. 
    ::service mailboxd::.
    notBefore=May 20 05:16:54 2011 GMT.
    notAfter=May 19 05:16:54 2012 GMT. 
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.my_real_domain.ru 
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.my_real_domain.ru
    SubjectAltName=. 
    ::service ldap::.
    notBefore=May 20 05:16:54 2011 GMT.
    notAfter=May 19 05:16:54 2012 GMT. 
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.my_real_domain.ru 
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=mail.my_real_domain.ru
    SubjectAltName=
    all my attempts to go into a blind alley.
    very need restore this server

  2. #2
    mr.Trash is offline New Member
    Join Date
    Sep 2010
    Posts
    4
    Rep Power
    4

    Default

    Sorry!
    I spent a couple of hours for tiny problem. Don't forget run this command
    keytool -import -alias root -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /opt/zimbra/conf/ca/ca.pem

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •