Results 1 to 3 of 3

Thread: 6.0.1 LDAP Replica

  1. #1
    Join Date
    Sep 2008
    Location
    Los Angeles, CA
    Posts
    135
    Rep Power
    7

    Default 6.0.1 LDAP Replica

    Hi all,

    I followed the instructions in the Multi-Server Installation Doc for installing an LDAP replica. I cannot get this thing working. Slapd is running, but an ldapsearch returns 0 entries. Here are some errors I've been getting:

    Code:
    [zimbra@replica root]$ zmupdateauthkeys
    ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
    Updating /opt/zimbra/.ssh/authorized_keys
    Code:
    [zimbra@replica root]$ zmldappasswd mysecret
    Updating local config and directory
    TLS: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
    Code:
    [zimbra@replica root]$ zmsshkeygen
    Generating public/private dsa key pair.
    Your identification has been saved in /opt/zimbra/.ssh/zimbra_identity.
    Your public key has been saved in /opt/zimbra/.ssh/zimbra_identity.pub.
    The key fingerprint is:
    d5:17:25:7c:f5:0f:ec:a3:43:84:b2:11:17:9f:ce:7f replica.spacecomputer.com
    ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
    Any ideas?

  2. #2
    Join Date
    Sep 2008
    Location
    Los Angeles, CA
    Posts
    135
    Rep Power
    7

    Default

    bump

  3. #3
    Join Date
    Sep 2008
    Location
    Los Angeles, CA
    Posts
    135
    Rep Power
    7

    Default

    I was able to fix those errors by copying the commercial cert from the main server to this server and running the following:
    Code:
    /opt/zimbra/java/bin/keytool -import -alias new -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file /tmp/commercial.crt
    However, the replica server still doesn't seem to be working properly. The logs appear to be showing that ldap data is replicated, but when I run ldapsearch, I get nothing:
    Code:
    [root@replica /]# ldapsearch -h replica -x
    # extended LDIF
    #
    # LDAPv3
    # base <> with scope subtree
    # filter: (objectclass=*)
    # requesting: ALL
    #
    
    # search result
    search: 2
    result: 0 Success
    
    # numResponses: 1
    Please help!

Similar Threads

  1. [SOLVED] Doc Problem with LDAP Replica Uninstall?
    By kbigger in forum Administrators
    Replies: 1
    Last Post: 05-12-2009, 10:57 AM
  2. LDAP Replica Installation
    By Eri in forum Installation
    Replies: 0
    Last Post: 04-14-2009, 06:48 AM
  3. 4.5.11 -> 5.0.6 NE & LDAP Replica
    By cjstone in forum Administrators
    Replies: 2
    Last Post: 06-24-2008, 12:54 PM
  4. LDAP Master and LDAP Replica!
    By zibra in forum Installation
    Replies: 0
    Last Post: 05-20-2008, 09:22 PM
  5. Replies: 2
    Last Post: 05-24-2006, 11:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •