Results 1 to 1 of 1

Thread: [SOLVED] ZCS 6.0 GoDaddy cert install issue

  1. 09-03-2009, 07:39 AM #1
    georgelazar
    georgelazar is offline Intermediate Member
    Join Date
    Sep 2009
    Posts
    18
    Rep Power
    4

    Default [SOLVED] ZCS 6.0 GoDaddy cert install issue

    Hi,

    I have the latest ZCS (6.0) on fresh install on Ubuntu 8.06 64bit. Everything ok until I have replaced the self signed certificate.
    I have generated an CSR, go at GoDaddy and generate an certificate. I downloaded the certificate for Tomcat web server and followed the installation steps in ZCS. Then zmcontrol stop/start, then... problems:
    Starting ldap...Done.
    Unable to determine enabled services from ldap.
    Enabled services read from cache. Service list may be inaccurate.
    Starting logger...Done.
    Starting mailbox...Done.
    Starting antispam...Done.
    Starting antivirus...Done.
    Starting snmp...Done.
    Starting spell...Done.
    Starting mta...Done.
    Starting stats...Done.

    in zimbra log:

    service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.Validat

    And the CPU's stays in 80% usage and no webaccess.

    I have reissued an self signed certificate from CLI:
    1. Begin by generating a new Certificate Authority (CA).
    zmcertmgr createca -new
    2. Then generate a certificate signed by the CA that expires in 365 days.
    zmcertmgr createcrt -new -days 365
    3. Next deploy the certificate.
    zmcertmgr deploycrt self
    4. To finish, verify the certificate was deployed to all the services.
    zmcertmgr viewdeployedcrt

    Then I was able to log on back in the admin section. I have repeated again everything but stil the same issue.

    What should I do? I need to use that certificate from a known CA.

    Additional details:
    - the hostname of the machine is the default and only domain in ZCS
    - host file ok
    - hostname is example.com and the csr/certificate is for *.example.com (can this be the issue?). The reason for that is I have an virtual host like webmail.example.com and I need the wildcard type of certificate.


    Thanks,



    Solved:

    1. Download the certificates issued by GoDaddy for Tomcat webserver.
    2. Create a new folder 'certs" in /opt/zimbra
    3. chown -R zimbra:zimbra /opt/zimbra/certs
    4. rename the certificate file to commercial.crt and gd_bundle.crt to commercial_ca.crt
    5. cd /opt/zimbra/bin
    6. run: ./zmcertmgr deploycrt comm /opt/zimbra/certs/commercial.crt /opt/zimbra/certs/commercial_ca.crt
    7. restart zimbra (zmcontrol stop/start)

    Got inspired from:
    Zimbra 5.08 SSL Certificate Instalation
    Last edited by georgelazar; 09-04-2009 at 11:34 AM.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Can I install my old signed cert to a new zimbra install?
    By sel5150 in forum Installation
    Replies: 2
    Last Post: 03-15-2010, 04:04 PM
  2. Yahoo! Zimbra Desktop for ZCS 6.0 Guns and Roses
    By aldennis in forum General Questions
    Replies: 8
    Last Post: 09-11-2009, 06:02 PM
  3. [SOLVED] ZCS 5.0.15 Renewing GoDaddy Cert Failure
    By jmatos in forum Installation
    Replies: 3
    Last Post: 09-08-2009, 11:52 AM
  4. [SOLVED] Upgrade from 4.5.6 CE to 4.5.7 CE: stats service shown as stopped
    By centrex in forum Installation
    Replies: 41
    Last Post: 10-29-2007, 02:36 PM
  5. I did not install zcs 4.02 on the centos 4.3 successfully.
    By sshgz in forum Installation
    Replies: 2
    Last Post: 09-28-2006, 08:30 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules