Results 1 to 4 of 4

Thread: Fails Upgrade Zimbra FOSS 7.0.0 To 7.2.2 With Centos 5.3

  1. #1
    razmal is offline Intermediate Member
    Join Date
    Jul 2009
    Location
    Makassar, Indonesia
    Posts
    15
    Rep Power
    6

    Default Fails Upgrade Zimbra FOSS 7.0.0 To 7.2.2 With Centos 5.3

    Guys Pls Help

    Today i've got problem with Java Cert Expired, and all thread marking "solved" about that doesn't help me out.
    Then my problem become more complicated , LDAP service won't start. And i've spend all day chasing a clue in this forum and got me nothing..

    So i decide to do version upgrading from 7.0.0 to 7.2.2

    My Environment is :

    Centos 5.3
    Zimbra FOSS Edition (Was) 7.0.0
    Upgrade to Zimbra FOSS 7.2.2 (zcs-7.2.2_GA_2852.RHEL5)

    My upgrade steps are :

    1. Doing sh install.sh --platform-override

    and the result are :

    Code:
    Operations logged to /tmp/install.log.10358
    Checking for existing installation...
        zimbra-ldap...FOUND zimbra-ldap-7.0.0_GA_3077
        zimbra-logger...FOUND zimbra-logger-7.0.0_GA_3077
        zimbra-mta...FOUND zimbra-mta-7.0.0_GA_3077
        zimbra-snmp...FOUND zimbra-snmp-7.0.0_GA_3077
        zimbra-store...FOUND zimbra-store-7.0.0_GA_3077
        zimbra-apache...FOUND zimbra-apache-7.0.0_GA_3077
        zimbra-spell...FOUND zimbra-spell-7.0.0_GA_3077
        zimbra-convertd...NOT FOUND
        zimbra-memcached...NOT FOUND
        zimbra-proxy...NOT FOUND
        zimbra-archiving...NOT FOUND
        zimbra-cluster...NOT FOUND
        zimbra-core...FOUND zimbra-core-7.0.0_GA_3077
    ZCS upgrade from 7.0.0 to 7.2.2 will be performed.
    
    Saving existing configuration file to /opt/zimbra/.saveconfig
    
    
    PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
    ZIMBRA, INC. ("ZIMBRA") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
    FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING
    THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY
    THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
    AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.
    
    License Terms for the Zimbra Collaboration Suite:
      http://www.zimbra.com/license/zimbra_public_eula_2.1.html
    
    
    
    Do you agree with the terms of the software license agreement? [N] Y
    
    Checking for prerequisites...
         FOUND: NPTL
         FOUND: nc-1.84-10
         FOUND: sudo-1.6.9p17-3
         FOUND: libidn-0.6.5-1.1
         FOUND: gmp-4.1.4-10
         FOUND: /usr/lib/libstdc++.so.6
    Checking for suggested prerequisites...
         FOUND: perl-5.8.8
         FOUND: sysstat
         FOUND: sqlite
    Prerequisite check complete.
    Checking current number of databases...
    
    Do you want to verify message store database integrity? [Y] N
    
    Checking for installable packages
    
    Found zimbra-core
    Found zimbra-ldap
    Found zimbra-logger
    Found zimbra-mta
    Found zimbra-snmp
    Found zimbra-store
    Found zimbra-apache
    Found zimbra-spell
    Found zimbra-memcached
    Found zimbra-proxy
    
    
    The Zimbra Collaboration Suite appears already to be installed.
    It can be upgraded with no effect on existing accounts,
    or the current installation can be completely removed prior
    to installation for a clean install.
    
    Do you wish to upgrade? [Y] Y
    
    Select the packages to install
        Upgrading zimbra-core
        Upgrading zimbra-ldap
        Upgrading zimbra-logger
        Upgrading zimbra-mta
        Upgrading zimbra-snmp
        Upgrading zimbra-store
        Upgrading zimbra-apache
        Upgrading zimbra-spell
    
    Install zimbra-memcached [N] N
    
    Install zimbra-proxy [N] N
    Checking required space for zimbra-core
    checking space for zimbra-store
    
    Installing:
        zimbra-core
        zimbra-ldap
        zimbra-logger
        zimbra-mta
        zimbra-snmp
        zimbra-store
        zimbra-apache
        zimbra-spell
    
    You appear to be installing packages on a platform different
    than the platform for which they were built.
    
    This platform is CentOS5
    Packages found: RHEL5
    This may or may not work.
    
    Using packages for a platform in which they were not designed for
    may result in an installation that is NOT usable. Your support
    options may be limited if you choose to continue.
    
    
    Install anyway? [N] Y
    
    The system will be modified.  Continue? [N] Y
    
    Shutting down zimbra mail
    
    Backing up the ldap database...done.
    
    Removing existing packages
    
       zimbra-ldap...done
       zimbra-logger...done
       zimbra-mta...done
       zimbra-snmp...done
       zimbra-store...done
       zimbra-spell...done
       zimbra-apache...done
       zimbra-core...done
    
    Removing deployed webapp directories
    Installing packages
    
        zimbra-core......zimbra-core-7.2.2_GA_2852.RHEL5-20121204211814.i386.rpm...done
        zimbra-ldap......zimbra-ldap-7.2.2_GA_2852.RHEL5-20121204211814.i386.rpm...done
        zimbra-logger......zimbra-logger-7.2.2_GA_2852.RHEL5-20121204211814.i386.rpm...done
        zimbra-mta......zimbra-mta-7.2.2_GA_2852.RHEL5-20121204211814.i386.rpm...done
        zimbra-snmp......zimbra-snmp-7.2.2_GA_2852.RHEL5-20121204211814.i386.rpm...done
        zimbra-store......zimbra-store-7.2.2_GA_2852.RHEL5-20121204211814.i386.rpm...done
        zimbra-apache......zimbra-apache-7.2.2_GA_2852.RHEL5-20121204211814.i386.rpm...done
        zimbra-spell......zimbra-spell-7.2.2_GA_2852.RHEL5-20121204211814.i386.rpm...done
    
    Setting defaults from saved config in /opt/zimbra/.saveconfig/config.save
       HOSTNAME=mail.hkalla.co.id
       LDAPHOST=mail.hkalla.co.id
       LDAPPORT=389
       SNMPTRAPHOST=mail.hkalla.co.id
       SMTPSOURCE=admin@hkalla.co.id
       SMTPDEST=admin@hkalla.co.id
       SNMPNOTIFY=yes
       SMTPNOTIFY=yes
       LDAPROOTPW=_Ivqmz_L
       LDAPZIMBRAPW=_Ivqmz_L
       LDAPPOSTPW=_Ivqmz_L
       LDAPREPPW=_Ivqmz_L
       LDAPAMAVISPW=_Ivqmz_L
       LDAPNGINXPW=_Ivqmz_L
    Restoring existing configuration file from /opt/zimbra/.saveconfig/localconfig.xml...done
    Operations logged to /tmp/zmsetup.03012013-154328.log
    Upgrading from 7.0.0_GA_3077 to 7.2.2_GA_2852
    Stopping zimbra services...done.
    Verifying /opt/zimbra/conf/my.cnf
    Starting mysql...done.
    This appears to be 7.0.0_GA
    Checking ldap status...not running.
    Running zmldapapplyldif...failed.
    Checking ldap status...not running.
    Starting ldap...failed with exit code: 256.
    51305cac main: TLS init def ctx failed: -1
    UPGRADE FAILED - exiting.
    [root@mail zimbra7]# SU ZIMBRA
    -bash: SU: command not found
    [root@mail zimbra7]# su zimbra
    [zimbra@mail zimbra7]$ zmcontrol start
    Host mail.hkalla.co.id
            Starting ldap...Done.
    Failed.
    Failed to start slapd.  Attempting debug start to determine error.
    TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:696
    TLS: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib ssl_rsa.c:491
    51305dde main: TLS init def ctx failed: -1
    For additional info :
    This is my /etc/hosts file :

    Code:
    [root@mail opt]# vim /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1 localhost.localdomain localhost
    172.100.0.252 mail.hkalla.co.id mail
    output from :

    Code:
    [root@mail opt]# dig mail.hkalla.co.id
    
    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> mail.hkalla.co.id
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37595
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
    
    ;; QUESTION SECTION:
    ;mail.hkalla.co.id.             IN      A
    
    ;; ANSWER SECTION:
    mail.hkalla.co.id.      38400   IN      A       172.100.0.252
    
    ;; AUTHORITY SECTION:
    hkalla.co.id.           38400   IN      NS      ns1.hkalla.co.id.
    
    ;; ADDITIONAL SECTION:
    ns1.hkalla.co.id.       38400   IN      A       172.100.0.252
    
    ;; Query time: 0 msec
    ;; SERVER: 172.100.0.252#53(172.100.0.252)
    ;; WHEN: Fri Mar  1 16:09:10 2013
    ;; MSG SIZE  rcvd: 85
    I'm using SplitDNS . And my /etc/resolv.conf contain :

    Code:
    [root@mail opt]# cat /etc/resolv.conf
    search hkalla.co.id
    nameserver 172.100.0.252
    and everytime i started zmcontrol start , the result is :

    Code:
    [zimbra@mail root]$ zmcontrol start
    Host mail.hkalla.co.id
            Starting ldap...Done.
    Failed.
    Failed to start slapd.  Attempting debug start to determine error.
    TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:696
    TLS: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib ssl_rsa.c:491
    51306402 main: TLS init def ctx failed: -1

    Like 1 say, the first trouble are Certificate expire .. but i cannot make a new one because is always fails at retrieving CA from LDAP.
    Can anyone provide me an idea to take all my account and mailbox out without need a running LDAP ?
    I want to make a fresh install one on other server..
    And all mailbox are very important
    Please .. need help ...
    Last edited by razmal; 03-01-2013 at 01:19 AM.
    Regards.

    Razmal Djamal

    http://www.teknoislam.com
    Zimbra OSE 8.0.0 on Centos 6.3

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,569
    Rep Power
    57

    Default

    Quote Originally Posted by razmal View Post
    Today i've got problem with Java Cert Expired, and all thread marking "solved" about that doesn't help me out.
    In future you should give details of what you've tried and what errors you had, it's difficult to give advice when we don't know what you've done nor what the exact problem was.

    Quote Originally Posted by razmal View Post
    Then my problem become more complicated , LDAP service won't start. And i've spend all day chasing a clue in this forum and got me nothing..
    The forums (and wiki) contain details on how to recreate certificates.

    Quote Originally Posted by razmal View Post
    So i decide to do version upgrading from 7.0.0 to 7.2.2
    A version upgrade is never a solution to a problem (and may cause further problems as in this case), you should fix the problem first.

    Quote Originally Posted by razmal View Post
    output from :

    Code:
    [root@mail opt]# dig mail.hkalla.co.id
    That command is incorrect as it doesn't use your domain name which is:

    Code:
    dig hkalia.co.id mx
    If you think there's a DNS issue then you should post the output of all the commands in the 'Verify ....' section of the Split DNS wiki article.

    Quote Originally Posted by razmal View Post
    And all mailbox are very important
    Only to you and I guess you took a backup of your server on a regular basis?

    Quote Originally Posted by razmal View Post
    Please .. need help ...
    You really don't need to post that, it's evident you need help by asking a question in these forums.

    Try some of the solutions in these threads
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    razmal is offline Intermediate Member
    Join Date
    Jul 2009
    Location
    Makassar, Indonesia
    Posts
    15
    Rep Power
    6

    Default

    Dear Phoenix ..

    In future you should give details of what you've tried and what errors you had, it's difficult to give advice when we don't know what you've done nor what the exact problem was.
    The forums (and wiki) contain details on how to recreate certificates.
    I've done all recreate certificate thread .. Mostly still give me an error :

    Code:
    [root@mail opt]# /opt/zimbra/bin/zmcertmgr createca -new
    ** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf...done
    ** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key...done.
    ** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem...done.
    then

    Code:
    [root@mail opt]# /opt/zimbra/bin/zmcertmgr createcrt -new -days 3650
    Validation days: 3650
    ** Creating directory /opt/zimbra/mailboxd/webapps/zimbraAdmin/tmp
    ** Creating /opt/zimbra/conf/zmssl.cnf...done
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20130301173902
    ** Generating a server csr for download self -new -keysize 1024
    ** Creating /opt/zimbra/conf/zmssl.cnf...done
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20130301173902
    ** Retrieving Commercial CA cert from ldap...failed.
    ** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
    ** Saving server config key zimbraSSLPrivateKey...failed.
    ** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr...failed.
    
    Using configuration from /opt/zimbra/ssl/zimbra/ca/zmssl.cnf
    I am unable to access the /opt/zimbra/ssl/zimbra/ca/newcerts directory
    /opt/zimbra/ssl/zimbra/ca/newcerts: No such file or directory
    .. then LDAP errors occurs ..

    [zimbra@mail tmp]$ zmcontrol start
    Host mail.hkalla.co.id
    Starting ldap...Done.
    Failed.
    Failed to start slapd. Attempting debug start to determine error.
    TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:696
    TLS: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib ssl_rsa.c:491
    51307530 main: TLS init def ctx failed: -1
    A version upgrade is never a solution to a problem (and may cause further problems as in this case), you should fix the problem first.
    I've read some threads how convinced me to to that..

    That command is incorrect as it doesn't use your domain name which is:
    OK, this is the correct one :

    Code:
    [root@mail opt]# dig mail.hkalla.co.id mx
    
    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> mail.hkalla.co.id mx
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22098
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;mail.hkalla.co.id.             IN      MX
    
    ;; AUTHORITY SECTION:
    hkalla.co.id.           38400   IN      SOA     ns1.hkalla.co.id. razmal.hkalla.co.id. 1336628031 10800 3600 604800 38400
    
    ;; Query time: 0 msec
    ;; SERVER: 172.100.0.252#53(172.100.0.252)
    ;; WHEN: Fri Mar  1 17:42:20 2013
    ;; MSG SIZE  rcvd: 82
    Only to you and I guess you took a backup of your server on a regular basis?
    Of course important only for me, i just don't know why you have to say this.. and unfortunately i don't do regular backup, my last backups are in December last years..

    You really don't need to post that, it's evident you need help by asking a question in these forums.
    Never do that again .

    Then I've read another success thread about my problem :
    [SOLVED] Problem with install the self-signed certificate on zimbra 5.0.10_GA_2638.RH

    Code:
    [root@mail opt]# rm -rf /opt/zimbra/ssl
    [root@mail opt]# mkdir /opt/zimbra/ssl
    [root@mail opt]# chown zimbra:zimbra /opt/zimbra/ssl
    [root@mail opt]# chown zimbra:zimbra /opt/zimbra/java/jre/lib/security/cacerts
    [root@mail opt]# chmod 644 /opt/zimbra/java/jre/lib/security/cacerts
    [root@mail opt]# /opt/zimbra/bin/zmcertmgr createca -new
    ** Creating directory /opt/zimbra/ssl/zimbra
    ** Creating directory /opt/zimbra/ssl/zimbra/ca
    ** Creating directory /opt/zimbra/ssl/zimbra/server
    ** Creating directory /opt/zimbra/ssl/zimbra/commercial
    ** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf...done
    ** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key...done.
    ** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem...done.
    [root@mail opt]# /opt/zimbra/bin/zmcertmgr deployca -localonly
    ** Importing CA /opt/zimbra/ssl/zimbra/ca/ca.pem into CACERTS...done.
    ** Copying CA to /opt/zimbra/conf/ca...done.
    [root@mail opt]# /opt/zimbra/bin/zmcertmgr createcrt self -new
    ** Creating /opt/zimbra/conf/zmssl.cnf...done
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20130301175402
    ** Retrieving server config key zimbraSSLCertificate...failed.
    ** Retrieving server config key zimbraSSLPrivateKey...failed.
    ** Generating a server csr for download self -keysize 1024
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20130301175406
    ** Retrieving Commercial CA cert from ldap...failed.
    ** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
    ** Saving server config key zimbraSSLPrivateKey...failed.
    ** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
    [root@mail opt]# /opt/zimbra/bin/zmcertmgr deploycrt self
    ** Saving server config key zimbraSSLCertificate...failed.
    ** Saving server config key zimbraSSLPrivateKey...failed.
    ** Installing mta certificate and key...done.
    ** Installing slapd certificate and key...done.
    ** Installing proxy certificate and key...done.
    ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
    ** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
    ** Installing CA to /opt/zimbra/conf/ca...done.
    LDAP Still wont' start

    Thx.
    Last edited by razmal; 03-01-2013 at 03:00 AM.
    Regards.

    Razmal Djamal

    http://www.teknoislam.com
    Zimbra OSE 8.0.0 on Centos 6.3

  4. #4
    razmal is offline Intermediate Member
    Join Date
    Jul 2009
    Location
    Makassar, Indonesia
    Posts
    15
    Rep Power
    6

    Default

    (2-3-2013 : 9.05 AM)
    Update : My problems are solved !
    The steps are :

    1. I've started to delete many directory on /opt/zimbra like openldap-xx-xx , openssl, ssl ..
    2. i do upgrade with zcs 7.2 for RHEL, on my Centos with --platform-override and end-up with ldap fail...
    3. Because its start with certificate error, then i recreating with a standard command on this forum , and give an extra option from 365 days to 3650 days (10 years).
    only works with ca new, but i can't get any Ca Cert key from LDAP. But I still continue do the deploy cert self command (search in this forum). Until Cert recreating steps done.
    4. Restarting with zmcontrol restart. LDAP Done .. but stil MTA fail with Postfix Fail errors. And the zmconfigd just the same.. fail. So i have 2 errors, Postfix fail and zmconfigd fail.
    5. I've running posftix check. And many warning pop-up .. mostly abut ownership. So i fix them with /opt/zimbra/libexec/zmfixperms. Restarting zmcontrol restart, and Postfix done.
    6. Still got the zmconfigd error. From the log /opt/zimbra/log/zmconfigd.log , i've found the ownership problem : config$py.class Permission Deny !
    Fix with manual chown -R zimbra:zimbra /opt/zimbra/zimbramon/pylibs.
    Do restart service : all service are up.
    Zmcontrol status : All service up.

    Scenario Problem : Cert expiration, fall to un-succesfull upgrde from zcs 7.0.0 to 7.2.2, but now i'm happy. Thx to all [solved] thread !

    Thx.
    Regards.

    Razmal Djamal

    http://www.teknoislam.com
    Zimbra OSE 8.0.0 on Centos 6.3

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 2
    Last Post: 12-28-2012, 04:04 PM
  2. Replies: 0
    Last Post: 12-25-2012, 08:07 AM
  3. [SOLVED] Upgrade to zd 7.01 fails to start - centos 5.5
    By jruiseco in forum Installation Help
    Replies: 1
    Last Post: 05-09-2011, 07:54 AM
  4. 6.0.6.1 Foss -> 6.0.7 Foss on CentOS 5.5 64bit
    By jaapaikema in forum Zimbra Success Stories
    Replies: 0
    Last Post: 06-16-2010, 12:22 PM
  5. FOSS upgrade fails
    By buraglio in forum Administrators
    Replies: 13
    Last Post: 03-09-2008, 08:53 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •