Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page Zimbra 7.1.1 Starting nginx...nginx: [emerg] SSL_CTX_use_certificate_chain_file

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 07-25-2011, 11:42 PM
Senior Member
  
Posts: 73
Default Zimbra 7.1.1 Starting nginx...nginx: [emerg] SSL_CTX_use_certificate_chain_file
Hi

I have an Problem on my 7.1.1 Master/Replica installation. When I restart the zimbra "zmcontrol stop" "zmcontrol start" nginx does not start anymore.

Starting nginx...nginx: [emerg] SSL_CTX_use_certificate_chain_file("/opt/zimbra/conf/domaincerts/mydomain.com.crt") failed (SSL: error:02001002:system library:fopen:No such file or directory error:20074002:BIO routines:FILE_CTRL:system lib error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib)
failed.

This happens after the first domain where added.
There is no "/opt/zimbra/conf/domaincerts/" folder on my system.
We have no idea why this happens, we don't use an domain certificate (for this installation we don't want any).

Have someone an idea how to fix this?

yogg
__________________
Release 7.1.2_GA_3268.UBUNTU8_64 UBUNTU8_64 NETWORK edition.
Reply With Quote
  #2 (permalink)  
Old 07-27-2011, 11:39 PM
Senior Member
  
Posts: 73
Default
No one with the same problem?
__________________
Release 7.1.2_GA_3268.UBUNTU8_64 UBUNTU8_64 NETWORK edition.
Reply With Quote
  #3 (permalink)  
Old 09-26-2011, 03:03 AM
awe awe is offline
Junior Member
  
Posts: 7
Default
Hi,
Same prob no result But in my case, i installed a second webstore (multiserver installation) and after finished installation, my IMAPPROXY hung up! When i will start the proxy-service i get the error:


Starting nginx...nginx: [emerg] SSL_CTX_use_certificate_chain_file("/opt/zimbra/conf/domaincerts/<domainname>.crt") failed (SSL: error:02001002:system library:fopen:No such file or directory error:20074002:BIO routines:FILE_CTRL:system lib error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib)
failed.

So i didn't really know why he want to have a locale cert for the second webstore-server?

Kind regards
Reply With Quote
  #4 (permalink)  
Old 09-26-2011, 03:23 AM
awe awe is offline
Junior Member
  
Posts: 7
Default
HI,

found the problem! In my environment we us a loadbalancer who will check ther certs aso ... and on my second mailboxstore-server is sayed: zimbraReverseProxyMailMode Both

That means:
LDAP-Conf for WEbstore1: http
LDAP-Conf for Webstore2: Both
LDap-Conf for imapproxy: http

So i think that the imapproxy would like to have a cert for the webstore2 if you just want to use HTTPS! But the webstore has none and the proxy will check it on his own side and can't find one!

SO be sure to use the same config and the second side and the "zimbraReverseProxyMailMode"!

You can check it with:
" zmprov -l gs `zmhostname` |grep zimbraReverseProxyMailMode"

Hope this will help u

Kind regards
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.