Results 1 to 5 of 5

Thread: Commercial certificate woes

  1. #1
    nspanahi is offline Junior Member
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    6

    Default Commercial certificate woes

    So upgrading from 5.0.1 to 5.0.10 wiped my commercial certs.
    I reissued the CSR using All Servers and got new certs from godaddy. I have tried EVERYTHING and nothing is working. I have read all the treads about using ALL servers (which I am) and using different combinations of certs that godaddy sends you (I have) and I still get the error

    Your certificate was not installed due to the error : system failure: XXXXX ERROR: Unmatching certificate (/opt/zimbra/mailboxd/webapps/zimbraAdmin/tmp/current.crt) and private key (/opt/zimbra/mailboxd/webapps/zimbraAdmin/tmp/current_comm.key) pair.

    I have read that people tried the command line method, but I have too and most of them are for 4.x versions. PLEASE HELP IF YOU CAN

  2. #2
    dwmtractor's Avatar
    dwmtractor is offline Moderator
    Join Date
    Jul 2007
    Location
    San Jose, CA
    Posts
    1,027
    Rep Power
    9

    Default

    I know you say you've tried everything, but in my experience (and I have been on this forum for a little while) the search engine rarely helps me find just that part of "everything" that I'm actually looking for, even if I'm the one who wrote it. . .. . .so please don't take this as condescending which I'm not trying to be!

    But have you tried the steps I described here? Admittedly this was on an earlier 5.x.x release but it worked for me and seems to have worked for some others, and I did see the same error you have described before I did it exactly this way.

    Do let us know in as much excruciating detail as possible if you still have problems. . .
    Cheers,

    Dan

  3. #3
    nspanahi is offline Junior Member
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    6

    Default yes I tried that

    I have tried that and several command line ones. Even the command line ones give the same error.

  4. #4
    bobby is offline Zimbra Employee
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    10

    Default

    Let's make sure there aren't any extra or old files in the way. Please post the output of "ls -laR ~/ssl/". Are you working with zmcertmgr? Run "sudo zmcertmgr -h" for some sample commands.

    BTW do you not have any backups of the old keystore and cert files? Check in /opt/zimbra/.saveconfig/

  5. #5
    nspanahi is offline Junior Member
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    6

    Default

    Here is the output. I am sure there are no old files hanging around

    [root@metric ssl]# ls -laR *
    zimbra:
    total 40
    drwxr----- 5 root root 4096 Oct 3 12:04 .
    drwxr-xr-x 3 zimbra zimbra 4096 Oct 3 12:04 ..
    drwxr----- 3 root root 4096 Oct 3 12:04 ca
    drwxr----- 2 root root 4096 Oct 3 12:04 commercial
    drwxr----- 2 root root 4096 Oct 3 12:04 server

    zimbra/ca:
    total 72
    drwxr----- 3 root root 4096 Oct 3 12:04 .
    drwxr----- 5 root root 4096 Oct 3 12:04 ..
    -rw-r----- 1 root root 708 Oct 3 12:04 ca.csr
    -rw------- 1 zimbra root 887 Oct 3 12:04 ca.key
    -rw-r--r-- 1 zimbra root 871 Oct 3 12:04 ca.pem
    -rw-r--r-- 1 root root 11 Oct 3 12:04 ca.srl
    -rwxr----- 1 root root 0 Oct 3 12:04 index.txt
    drwxr----- 2 root root 4096 Oct 3 12:04 newcerts
    -rw-r----- 1 zimbra zimbra 7677 Oct 3 12:04 zmssl.cnf

    zimbra/ca/newcerts:
    total 16
    drwxr----- 2 root root 4096 Oct 3 12:04 .
    drwxr----- 3 root root 4096 Oct 3 12:04 ..

    zimbra/commercial:
    total 32
    drwxr----- 2 root root 4096 Oct 3 12:04 .
    drwxr----- 5 root root 4096 Oct 3 12:04 ..
    -rw-r--r-- 1 root root 708 Oct 3 12:04 commercial.csr
    -rw-r--r-- 1 root root 891 Oct 3 12:04 commercial.key

    zimbra/server:
    total 16
    drwxr----- 2 root root 4096 Oct 3 12:04 .
    drwxr----- 5 root root 4096 Oct 3 12:04 ..



    And yes I have used zmcertmgr and know how to work with it. It gives the same error.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Install a commercial SSL certificate ??
    By nick20 in forum Installation
    Replies: 6
    Last Post: 06-23-2010, 03:08 AM
  2. Problem with Commercial Certificate in 5.0.9 GA
    By bibo in forum Administrators
    Replies: 3
    Last Post: 09-17-2008, 06:03 AM
  3. [SOLVED] Commercial Certificate issue - thawte - again
    By galezer in forum Administrators
    Replies: 7
    Last Post: 06-26-2008, 02:07 AM
  4. Replies: 1
    Last Post: 11-05-2007, 06:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •