Results 1 to 5 of 5

Thread: Accessing external accounts from Zimbra

  1. #1
    Join Date
    Apr 2011
    Location
    Slovakia
    Posts
    18
    Rep Power
    4

    Default Accessing external accounts from Zimbra

    Hi there,

    I came across a problem that when a user tries to add an external account with SSL IMAP connection in his Preferences - Accounts settings, the connection test fails with some cryptic message. In the mailbox.log I found more hints:
    Code:
    ...
    Code:service.FAILURE
            at com.zimbra.common.service.ServiceException.FAILURE(ServiceException.java:248)
    ...
    Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: [the remote server cert info]
    ...
    Caused by: java.security.cert.CertificateException: [the remote server cert info]
            at com.zimbra.common.net.CustomTrustManager.checkServerTrusted(CustomTrustManager.java:90)
    ...
    Looks like the remote server's cert is considered untrusted and the connection fails. The server uses a cert signed by a custom in-house CA. Is there a way to import this CA cert somewhere into Zimbra so it would consider this SSL IMAP connection trusted? Or (less prefered) is there a way to disable certificate validation for these types of connections?

    Thank you for any replies. Have a nice day.

  2. #2
    Join Date
    Nov 2009
    Location
    Ljubljana, Slovenia
    Posts
    268
    Rep Power
    6

    Default

    If remote server FORCES SSL, then I hope someone will help you with the part of the question about importing cert to Zimbra. But if remote server does not force SSL, you may try without checking "SSL" option under external account and click on "Test".

  3. #3
    Join Date
    Apr 2011
    Location
    Slovakia
    Posts
    18
    Rep Power
    4

    Default

    Hi Labsy,
    thanks for the tip, the server could accept a connection without SSL but it would go through the Internet and I'd rather not send my passwords unsecured.

  4. #4
    Join Date
    Apr 2011
    Location
    Slovakia
    Posts
    18
    Rep Power
    4

    Unhappy Zimbra SSL problem

    This seems to be a general Zimbra SSL problem. It also affects the migration wizard in the admin console, when I try to migrate from "generic IMAP server", in the mailbox log I see the same errors about invalid certificate and the migration fails

    Is there any way to solve this? i.e. make Zimbra accept the SSL certificate of the remote IMAP server?

  5. #5
    Join Date
    May 2011
    Posts
    1
    Rep Power
    4

    Default

    I have exactly the same problem under the 7.1.0 Release. I tried to set the data_source_trust_self_signed_certs entry to true via zmlocalconfig as said elsewhere but nothing happens, even if I restart the server.

    Is this a known bug and are some people working on it ?

Similar Threads

  1. [SOLVED] Help, I think I am running Zimbra as root!
    By primaxx in forum Administrators
    Replies: 9
    Last Post: 10-06-2010, 12:04 PM
  2. Replies: 21
    Last Post: 02-04-2010, 10:06 AM
  3. dspam logrotate errors
    By michaeln in forum Users
    Replies: 7
    Last Post: 02-19-2007, 12:45 PM
  4. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 10:39 AM
  5. Unable to start tomcat
    By chanck in forum Administrators
    Replies: 11
    Last Post: 06-11-2006, 01:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •