Rhel 5.6 - 6.0.10 & 7.0.0 Beta3

[jwl17330536]

I cannot complete the install properly. I've installed Zimbra a few times previously and have never had any problems until now. I keep getting errors complaining about LDAP:

HTML Code:

 ** Retrieving CA private key from ldap...failed.
 ** Retrieving CA cert from ldap...failed.
 ** Retrieving Commercial CA cert from ldap...failed.

I believe it is a DNS issue, but everything I have seems correct:

HTML Code:

 [root@mail chroot]# cat /etc/hosts
 # Do not remove the following line, or various programs 
 # that require network functionality will fail.
 127.0.0.1		localhost.localdomain localhost
 172.16.1.20		mail.mydomain.com mail

HTML Code:

 [root@mail chroot]# cat /etc/resolv.conf 
 search mydomain.com
 nameserver 127.0.0.1

HTML Code:

 [root@mail chroot]# dig mydomain.com mx
 
 ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> mydomain.com mx
 ;; global options:  printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20793
 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
 
 ;; QUESTION SECTION:
 ;mydomain.com.		IN	MX
 
 ;; ANSWER SECTION:
 mydomain.com.	38400	IN	MX	1 mail.mydomain.com.
 
 ;; AUTHORITY SECTION:
 mydomain.com.	38400	IN	NS	ns.mydomain.com.
 
 ;; ADDITIONAL SECTION:
 mail.mydomain.com.	38400	IN	A	172.16.1.20
 ns.mydomain.com.	38400	IN	A	172.16.1.20
 
 ;; Query time: 0 msec
 ;; SERVER: 127.0.0.1#53(127.0.0.1)
 ;; WHEN: Fri Jan 21 09:50:58 2011
 ;; MSG SIZE  rcvd: 105

HTML Code:

 [root@mail chroot]# dig mydomain.com any
 
 ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> mydomain.com any
 ;; global options:  printcmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44411
 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 2
 
 ;; QUESTION SECTION:
 ;mydomain.com.		IN	ANY
 
 ;; ANSWER SECTION:
 mydomain.com.	38400	IN	SOA	ns.mydomain.com. admin.mydomain.com. 2011012001 10800 3600 604800 86400
 mydomain.com.	38400	IN	NS	ns.mydomain.com.
 mydomain.com.	38400	IN	MX	1 mail.mydomain.com.
 
 ;; ADDITIONAL SECTION:
 ns.mydomain.com.	38400	IN	A	172.16.1.20
 mail.mydomain.com.	38400	IN	A	172.16.1.20
 
 ;; Query time: 0 msec
 ;; SERVER: 127.0.0.1#53(127.0.0.1)
 ;; WHEN: Fri Jan 21 09:52:44 2011
 ;; MSG SIZE  rcvd: 147

HTML Code:

 [root@mail chroot]# host `hostname`
 mail.mydomain.com has address 172.16.1.20

I've read elsewhere that I need to comment out "Defaults requiretty", which I have. (I've also tried installing directly from the console.)


Any and all advice is appreciated. Thanks!

[odeleon]

Quote:

I've installed Zimbra a few times previously and have never had any problems until now.

Were these installs done on RHEL6 ? This may be the cause of your problems. Not because there's anything wrong with RHEL6, but because the packaged Zimbra installer was not made for it.

A while back I tried to install Zimbra Community Ed. for Fedora 11 (if memory serves) on a Fedora 12 machine and it failed. This was because of some Perl library, that came with this new distro, that was incompatible with the packaged ZCS.

Besides the LDAP error messages are you seeing anything in the install log?

[jwl17330536]

Quote:

Originally Posted by odeleon

Were these installs done on RHEL6 ?

I was actually installing it on RHEL 5.6

Quote:

Originally Posted by odeleon

Besides the LDAP error messages are you seeing anything in the install log?

Everything after the errors I listed above in my first post failed from that point... because the lack of LDAP being configured properly is my assumption. That's why I focused on those errors.

I tried another time with a fresh install. (following my own wiki article that I created upon a successful install a few months ago) The second attempt produced the same errors. I've wiped the OS and am going to move to another project for now.

I hope when I get back to this the next time I will have some leads to go on!

Thanks for your reply!

[chandu]

Hi Guys,

Sorry for hacking this tread..But I am also facing same issue with RHEL 5.2

From last 2 years I am doing Zimbra administration and install multiple zimbra version n number of time in our test setup but never faced this issue.

Right now I am trying to install zcs-6.0.6_GA_2324.RHEL5_64.20100406150533 on RHEL 5.2 ...just similar our production env but I am keep getting below certificate error :

################################################## ##

** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf...done
** Retrieving CA private key from ldap...failed.
** Retrieving CA cert from ldap...failed.
** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key...done.
** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem...done.
Thu Apr 6 17:27:52 2000 done.
Thu Apr 6 17:27:52 2000 Deploying CA to /opt/zimbra/conf/ca ...
Thu Apr 6 17:27:52 2000 *** Running as root user: /opt/zimbra/bin/zmcertmgr deployca -localonly
** Importing CA /opt/zimbra/ssl/zimbra/ca/ca.pem into CACERTS...done.
** Copying CA to /opt/zimbra/conf/ca...done.
Thu Apr 6 17:27:53 2000 done.
Thu Apr 6 17:27:53 2000 Creating SSL certificate...
Thu Apr 6 17:27:53 2000 *** Running as root user: /opt/zimbra/bin/zmcertmgr createcrt self
** Creating /opt/zimbra/conf/zmssl.cnf...done
** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20000406172753
** Retrieving server config key zimbraSSLCertificate...failed.
** Retrieving server config key zimbraSSLPrivateKey...failed.
** Generating a server csr for download self -keysize 1024
** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20000406172759
** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr...done.
** Saving server config key zimbraSSLPrivateKey...failed.
** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr...failed.

Using configuration from /opt/zimbra/ssl/zimbra/ca/zmssl.cnf
unable to load number from /opt/zimbra/ssl/zimbra/ca/ca.srl
error while loading serial number
26907:error:0D066091:asn1 encoding routines:a2i_ASN1_INTEGERdd number of chars:f_int.c:162:

Thu Apr 6 17:28:01 2000 done.
Thu Apr 6 17:28:01 2000 Installing mailboxd SSL certificates...
Thu Apr 6 17:28:01 2000 /opt/zimbra/mailboxd/etc/keystore didn't exist.
Thu Apr 6 17:28:01 2000 *** Running as root user: /opt/zimbra/bin/zmcertmgr deploycrt self
** Saving server config key zimbraSSLCertificate...failed.
** Saving server config key zimbraSSLPrivateKey...failed.
** Installing mta certificate and key...done.
** Installing slapd certificate and key...done.
** Installing proxy certificate and key...done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...failed.

XXXXX ERROR: failed to create jetty.pkcs12
No certificate matches private key

Thu Apr 6 17:28:07 2000 failed.

################################################## ##


I am really surprized... i have reinstalled RHel 5.2 on my VM and tried n number of time..no luck...hosts file and DNS setup is correct...and even 'Defaults requiretty' is already commented.


It will be great if someone can guide me for the same.

Thanks

[phoenix]

Quote:

Originally Posted by chandu

It will be great if someone can guide me for the same.

Why don't you try some of the solutions in the forums rather than hijacking another thread?

site:zimbra.com +"No certificate matches private key" +solved - Yahoo! Search Results