Results 1 to 2 of 2

Thread: Problem installing StartSSL certificate

  1. #1
    Join Date
    Dec 2011
    Posts
    29
    Rep Power
    3

    Default Problem installing StartSSL certificate

    Hi,

    I followed the steps from this link: Installing a StartSSL SSL Certificate with zmcertmgr - Zimbra :: Wiki, to install my commercial certificate in my Zimbra7.1.4.

    At step 5, there was a problem:

    Code:
    ./zmcertmgr deploycrt comm /tmp/ssl.crt /tmp/ca_bundle.crt
    ** Verifying /tmp/ssl.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
    Enter pass phrase for /opt/zimbra/ssl/zimbra/commercial/commercial.key:
    Certificate (/tmp/ssl.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
    Valid Certificate: /tmp/ssl.crt: OK
    ** Copying /tmp/ssl.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
    ** Appending ca chain /tmp/ca_bundle.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
    ** Importing certificate /opt/zimbra/ssl/zimbra/commercial/commercial_ca.crt to CACERTS as zcs-user-commercial_ca...done.
    ** NOTE: mailboxd must be restarted in order to use the imported certificate.
    ** Saving server config key zimbraSSLCertificate...done.
    ** Saving server config key zimbraSSLPrivateKey...done.
    ** Installing mta certificate and key...done.
    ** Installing slapd certificate and key...done.
    ** Installing proxy certificate and key...done.
    ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...Enter pass phrase for /opt/zimbra/ssl/zimbra/commercial/commercial.key:
    failed.
    
    XXXXX ERROR: failed to create jetty.pkcs12
    unable to load certificates
    140415154099880:error:0906D066:PEM routines:PEM_read_bio:bad end line:pem_lib.c:795:
    What do I to solve the problem with Jetty?

    I tried many times, and I typed a right same password 2 times that it was required.
    Last edited by edilmar; 04-23-2012 at 08:48 AM.

  2. #2
    Join Date
    Dec 2011
    Posts
    29
    Rep Power
    3

    Default

    I changed ssl.crt and ca_bundle.crt to put the ENTER in the final. Then, I got to process the certificates rightly.

    However, now when I try to use SMTP server to send messages using SSL, it arises a message that it doesn't support this kind of criptography for authentication.

    Other problems when restarting the zmcontrol:
    1) logger and logswatch failed, also after reboot
    2) LDAP requres the password to start, also after reboot, what is a big problem, because I have to type the password all the times, no more automatic restart of service

Similar Threads

  1. TLS library problem
    By mocart in forum Administrators
    Replies: 0
    Last Post: 02-29-2012, 04:54 PM
  2. [SOLVED] Deploy Zimbra Certificate error
    By feiticeir0 in forum Administrators
    Replies: 2
    Last Post: 04-21-2011, 02:42 AM
  3. Replies: 4
    Last Post: 03-18-2008, 09:03 AM
  4. Replies: 5
    Last Post: 11-19-2007, 09:26 AM
  5. I met a refused problem (installing source code):
    By wildhuman in forum Developers
    Replies: 1
    Last Post: 09-05-2006, 03:35 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •