Results 1 to 3 of 3

Thread: Installing commercial certificates breaks ldap replication on Multiserver

  1. #1
    vsrao is offline New Member
    Join Date
    Mar 2009
    Posts
    4
    Rep Power
    6

    Default Installing commercial certificates breaks ldap replication on Multiserver

    All,

    Basically running a multiserver environment in which I have each service running on a separate server.
    Ldap master
    Ldap replica
    Mailbox server
    smtp server
    proxy server

    Everything was working fine until I installed commercial certificates from Godaddy on all servers. The certificates installed fine, but now the ldap replication doesn't work.
    Error log in /var/log/zimbra.log
    zmldap-slave slapd[9981]: slap_client_connect: URI=ldap://zmldap-master.mydomain.com:389 Error, ldap_start_tls failed (-11)
    zmldap-slave slapd[9981]: do_syncrepl: rid=100 rc -11 retrying
    Rest all OK. Any ideas as to where the issue is?

    Thanks

  2. #2
    vsrao is offline New Member
    Join Date
    Mar 2009
    Posts
    4
    Rep Power
    6

    Default

    I have gone thro this article, but this doesn't talk anything about commercial certificates.

    wiki.zimbra.com/wiki/Installing_Certificates_from_the_Master_LDAP_to_a_ LDAP_Replica

    Can someone point me as to how I can establish the trust between Master and Replica again?

    Any help is much appreciated.

    Thanks

  3. #3
    vsrao is offline New Member
    Join Date
    Mar 2009
    Posts
    4
    Rep Power
    6

    Default

    This is the error I get when trying to connect to LDAP Master from LDAP Replica:
    [root@zmldap-slave ~]# openssl s_client -connect 172.18.160.110:389 -showcerts
    CONNECTED(00000003)
    140665348212552:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 0 bytes and written 309 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    ---
    So how do I solve this? Mine is a commercial Certificate.

    Thanks

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 10
    Last Post: 10-26-2009, 03:26 AM
  2. Replies: 1
    Last Post: 07-16-2009, 12:20 AM
  3. Installing ZCS 5.0.9 with ldap replication.
    By fdezmichael in forum Installation
    Replies: 0
    Last Post: 09-16-2008, 06:37 AM
  4. [SOLVED] Trouble installing commercial certificates on Zimbra
    By Miklos Kalman in forum Installation
    Replies: 5
    Last Post: 05-21-2008, 01:11 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •