Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Installation
Reload this Page Commercial certificates, Tomcat, and zmcertinstall

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 09-11-2006, 12:27 PM
Starter Member
  
Posts: 2
Default Commercial certificates, Tomcat, and zmcertinstall
I'm running 4.01 on FC5. Executing 'zmcertinstall mta my.crt my.key` installs my commercial certificate properly in Postfix. But running `zmcertinstall mailbox my.crt` freaks out Tomcat, which constantly dumps this error to its log:

Quote:
SEVERE: Endpoint [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=7071]] ignored exception: java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
at org.apache.tomcat.util.net.jsse.JSSESocketFactory. acceptSocket(JSSESocketFactory.java:113)
at org.apache.tomcat.util.net.PoolTcpEndpoint.acceptS ocket(PoolTcpEndpoint.java:407)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThr ead.runIt(LeaderFollowerWorkerThread.java:70)
at org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Both the commercial cert and the self-signed cert use RSA. The wiki entries on this topic seem out of date. Any ideas?
Last edited by shiva; 09-11-2006 at 12:31 PM..
Reply With Quote
  #2 (permalink)  
Old 09-11-2006, 02:48 PM
Zimbra Consultant & Moderator
  
Posts: 19,653
Default
Why are you using a self signed certificate for tomcat when you have a commercial one? Have you followed the instructions on this page? If you have can you tell us at which step it went wrong?
__________________
Regards


Bill
Reply With Quote
  #3 (permalink)  
Old 09-11-2006, 02:53 PM
Starter Member
  
Posts: 2
Default
Quote:
Originally Posted by phoenix
Why are you using a self signed certificate for tomcat when you have a commercial one?
I am attempting to install the commercial one.

Quote:
Have you followed the instructions on this page? If you have can you tell us at which step it went wrong?
I purchased the cert a while ago, so I didn't bother with generating a CSR. Running `zmcertinstall mailbox my.crt my.key` results in the first branch being executed:

Code:
if [ $APP = "mailbox" ]; then
     keytool -import -alias tomcat -keystore ${TCONF}/keystore \
        -trustcacerts -file ${CERTFILE} -storepass zimbra
else
     cp -f $CERTFILE ${CONF}/smtpd.crt
     cp -f $KEYFILE ${CONF}/smtpd.key
fi
I assume that has the same effect as performing steps B and C manually?
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.