Results 1 to 5 of 5

Thread: [SOLVED] SSL Cert Import IE/windows broken?

  1. #1
    raj's Avatar
    raj
    raj is offline Moderator
    Join Date
    Oct 2005
    Location
    USA, Canada and India
    Posts
    777
    Rep Power
    10

    Default [SOLVED] SSL Cert Import IE/windows broken?

    Hi..Before 5.0 version we could install the Self Signed SSL cert on client computer by click on View Cert and Install Cert in IE for the Admin console so next time when you visit the Admin link it donít POPUP the SSL error.

    With 5.0 the same is not working anymore..IE goes all the way saying certificate is installed but when we come back the SSL Self signed Cert Error is there again.

    Earlier whole certificate chain use to get saved looks like now CA certificate is not getting exported correctly.

    Any ideas..i have tried recreating the cert few times ..same problem

    Raj
    i2k2 Networks
    Dedicated & Shared Zimbra Hosting Provider

  2. #2
    dwmtractor's Avatar
    dwmtractor is offline Moderator
    Join Date
    Jul 2007
    Location
    San Jose, CA
    Posts
    1,027
    Rep Power
    10

    Default

    Are you using either IE 7 or (worst of all) Vista? If so, the error is happening because, although you are importing a certificate, you haven't told your machine that you trust the certificate provider...your Zimbra machine has to be added to your root certificate providers store before it'll even recognize your certificate. See these two posts for more details:

    ZCS 4.5.10 upgrade to ZCS 5.0.0
    http://www.zimbra.com/forums/users/1...html#post72941

    Cheers,

    Dan

  3. #3
    raj's Avatar
    raj
    raj is offline Moderator
    Join Date
    Oct 2005
    Location
    USA, Canada and India
    Posts
    777
    Rep Power
    10

    Default

    ok here are the details..

    -------------
    Zimbra 4.xx
    -------------
    On Windows 2000 Server SP4 + IE 6 SP1 we can sucessfully import the Self Signed Cert by just clicking on View Certificate and then Install using IE and it installs it are correct Certificate Authority Store so NEXT time we come that cert is used and POPup Error is gone

    -------------
    Zimbra 5.01 GA
    -------------
    On Windows 2000 Server SP4 + IE 6 SP1 the exact same server dont import the cert correctly from 5.0 version. so there is something different how the certs are created in 5.0 ..

    I have tried putting the cert manually in all stores for teh sake of it but its not getting validated correcly..looks like CA/key inforamtion in 5.0 cert is not getting exported correctly

    Any pointers

    Raj
    i2k2 Networks
    Dedicated & Shared Zimbra Hosting Provider

  4. #4
    raj's Avatar
    raj
    raj is offline Moderator
    Join Date
    Oct 2005
    Location
    USA, Canada and India
    Posts
    777
    Rep Power
    10

    Default

    here are the links..you can see it yourself

    Zimbra 4.x link..you can import the cert and it will work:
    https://zimbra1.ocpwebserver.com:7071/zimbraAdmin/

    zimbra 5.0 ..try importing and then going back to the link:
    https://zimbra12.ocpwebserver.com:7071/zimbraAdmin/

    hope someone can give me some insight on this
    Thanks
    Raj
    i2k2 Networks
    Dedicated & Shared Zimbra Hosting Provider

  5. #5
    raj's Avatar
    raj
    raj is offline Moderator
    Join Date
    Oct 2005
    Location
    USA, Canada and India
    Posts
    777
    Rep Power
    10

    Default

    Finally after 10 hours of hit and trial figured out what is needed..still dont know why but it works.

    In 4.xx i could download/cert the CERT from the https:// link popup..and it ALSO use to kind of download the CA Cert/Key to certificate trust.

    in 5.01 its not doing the same..so i physically downloaded CA.PEM file from
    /opt/zimbra/ssl/zimbra/ca/ca.pem and imported it manually to windows machine and now it dont give me self signed cert POPUP

    so i dont know why this change in 5.0..may be how Jetty wants to serve the cert is different than Tomcat or something else..any ssl expert has anything on this..

    sould be marked as [SOLVED] ..lol
    Raj
    i2k2 Networks
    Dedicated & Shared Zimbra Hosting Provider

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. ical4j.data.ParserException
    By amit_saini54 in forum Migration
    Replies: 0
    Last Post: 12-06-2007, 07:45 AM
  2. SOAP SSL Cert problem
    By 3RiversTechAdmin in forum Developers
    Replies: 1
    Last Post: 11-15-2007, 02:14 PM
  3. [SOLVED] Tomcat ignoring new SSL cert?
    By gkra in forum Administrators
    Replies: 1
    Last Post: 09-07-2007, 10:44 AM
  4. Replies: 2
    Last Post: 03-25-2007, 09:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •