Results 1 to 4 of 4

Thread: "Can't deploy cert for -new. Unknown service."

  1. #1
    Join Date
    Apr 2008
    Posts
    69
    Rep Power
    7

    Exclamation "Can't deploy cert for -new. Unknown service."

    I'm getting an error when running the 3rd command of the 3 commands to generate a new self-signed SSL cert.

    According to the ZCS OS 7.1.2 Release Notes, page 9-10, we're supposed to run:

    • sudo zmcertmgr createca -new
    • sudo zmcertmgr deployca
    • sudo zmcertmgr deploycrt self -new

    But I get the following output and error on the 3rd command:

    1st command ran ok:
    Code:
    [zimbra@mybox ~]$ sudo zmcertmgr createca -new
    ** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf...done
    ** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key...done.
    ** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem...done.
    2nd command ran ok, too:
    Code:
    [zimbra@mybox ~]$ sudo zmcertmgr deployca
    ** Importing CA /opt/zimbra/ssl/zimbra/ca/ca.pem into CACERTS...done.
    ** Saving global config key zimbraCertAuthorityCertSelfSigned...done.
    ** Saving global config key zimbraCertAuthorityKeySelfSigned...done.
    ** Copying CA to /opt/zimbra/conf/ca...done.
    3rd command had errors:
    Code:
    [zimbra@mybox ~]$ sudo zmcertmgr deploycrt self -new
    Can't deploy cert for -new.  Unknown service.
    [zimbra@mybox ~]$ sudo zmcertmgr deploycrt self new 
    Can't deploy cert for new.  Unknown service.
    [zimbra@mybox ~]$ sudo zmcertmgr deploycrt self    
    ** Saving server config key zimbraSSLCertificate...done.
    ** Saving server config key zimbraSSLPrivateKey...done.
    ** Installing mta certificate and key...done.
    ** Installing slapd certificate and key...done.
    ** Installing proxy certificate and key...done.
    ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...done.
    ** Creating keystore file /opt/zimbra/mailboxd/etc/keystore...done.
    ** Installing CA to /opt/zimbra/conf/ca...done.
    [zimbra@mybox ~]$

    As you can see, I tried it without the "-new" tag and it ran successfully. My question is: Is that the way it's supposed to be?

  2. #2
    Join Date
    Dec 2011
    Posts
    5
    Rep Power
    3

    Default

    I wonder nobody replied on this thread since the same 3rd line of command appears on 7.2.1 upgrade document and it returns exactly the same error as the OP reported.

    I tried without '-new' and it returns no error as the OP quoted. After zmcontrol stop and zmcontrol start, in Zimbra admin panel Certificate section, the certs are not renewed still.

  3. #3
    Join Date
    Dec 2011
    Posts
    5
    Rep Power
    3

    Default

    Problem solved. You can renew your self-signing certificates in ZCS admin panel -> tools -> install certificate. No need to mess around at command line anymore.

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by tstkenny View Post
    Problem solved. You can renew your self-signing certificates in ZCS admin panel -> tools -> install certificate.
    That has always been the case, that's not a new feature.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Similar Threads

  1. ZD untrusted Verisign SSL cert
    By JaymeH in forum General Questions
    Replies: 10
    Last Post: 01-12-2012, 06:39 AM
  2. [SOLVED] I broke my server trying to optimize... HELP!
    By myriad in forum Administrators
    Replies: 9
    Last Post: 09-17-2011, 07:46 AM
  3. Installation Cancelled - Zimbra-spell !
    By Ledg in forum Installation
    Replies: 4
    Last Post: 10-19-2006, 03:54 AM
  4. Unknown Host ?
    By msentissi in forum Administrators
    Replies: 5
    Last Post: 03-18-2006, 03:57 PM
  5. M3 problem with shares
    By titangears in forum Users
    Replies: 4
    Last Post: 01-12-2006, 01:01 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •