Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Can't access the server anymore

  1. #1
    Join Date
    Nov 2005
    Location
    Austria
    Posts
    223
    Rep Power
    9

    Default Can't access the server anymore

    Hi,

    If I want to access my Zimbra server, there is following error (with firefox):

    Code:
    Firefox and 192.168.0.15 cannot communicate securely because they have no common encryption algorithms.
    Internet Explorer tells me the Server or DNS can't be found.

    If i switch the server to http (with "zmtlsctl http") I can only access the frontend.

    I've restarted the server, still the same problem. What can this be?

    What I did (maybe because of this it is broken): I changed the "MTA name" and the "server host name" (can't remember the correct name of this two settings). How can i reset this values with the command prompt?
    Or generally said: How can I make my server work correctly?

  2. #2
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default new certs

    Sounds like your certificates are bad/missing - create a new self-signed cert with zmcreatecert, then zmcertinstall mailbox will install it. Restart tomcat when done.

  3. #3
    Join Date
    Nov 2005
    Location
    Austria
    Posts
    223
    Rep Power
    9

    Default

    That didn't really work.

    Code:
    [zimbra@mail ~]$ zmcreatecert
    ** Importing CA
    
    keytool error: java.lang.Exception: Certificate not imported, alias <my_ca> already exists
    ** Creating keystore
    
    ** Creating server cert request
    
    Generating a 1024 bit RSA private key
    ..++++++
    ....++++++
    unable to write 'random state'
    writing new private key to '/opt/zimbra/ssl/ssl/server/server.key'
    -----
    ** Signing cert request
    
    Using configuration from /opt/zimbra/ssl/ssl/zmssl.cnf
    Check that the request matches the signature
    Signature ok
    Certificate Details:
            Serial Number: 8 (0x8)
            Validity
                Not Before: Nov 21 05:27:58 2005 GMT
                Not After : Nov 21 05:27:58 2006 GMT
            Subject:
                countryName               = US
                stateOrProvinceName       = N/A
                organizationName          = Zimbra Collaboration Suite
                commonName                = mail.*domain*.mine.nu
            X509v3 extensions:
                X509v3 Basic Constraints:
                CA:FALSE
                Netscape Comment:
                OpenSSL Generated Certificate
                X509v3 Subject Key Identifier:
                63:42:7F:6D:28:37:F2:A2:0B:BA:54:C5:1F:0C:C7:31:7C:A4:F4:A9
                X509v3 Authority Key Identifier:
                DirName:/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/CN=mail.*domain*.mine.nu
                serial:00
    
    Certificate is to be certified until Nov 21 05:27:58 2006 GMT (365 days)
    
    Write out database with 1 new entries
    Data Base Updated
    unable to write 'random state'
    Signature ok
    subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=mail.goetzi.mine.nu
    Getting CA Private Key
    unable to write 'random state'
    Code:
    [zimbra@mail ~]$ zmcertinstall
    ** Importing server cert
    
    /opt/zimbra/bin/zmcertinstall: line 81: [: =: unary operator expected
    cp: missing destination file
    Try `cp --help' for more information.

  4. #4
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default command syntax

    You want:
    zmcertinstall mailbox

    (I think that bad error message you saw has been fixed in the lastest code - I'll check it out)

    Don't forget to restart tomcat afterwards.

  5. #5
    Join Date
    Nov 2005
    Location
    Austria
    Posts
    223
    Rep Power
    9

    Default

    That didn't work.

    I did a re-install (over the existing one), changed the domain name (to the one I needed, the name before was just for testing).

    After install:

    Code:
    [zimbra@mail ~]$ zmcontrol status
    Host zimbra.*domain*.de
            antispam                Running
            antivirus               Running
            ldap                    Running
            logger                  Running
            mailbox                 Running
            mta                     Running
            snmp                    Running
            spell                   Running
    Code:
    [zimbra@mail ~]$ zmcreatecert
    ** Importing CA
    
    keytool error: java.lang.Exception: Certificate not imported, alias <my_ca> already exists
    ** Creating keystore
    
    ** Creating server cert request
    
    Generating a 1024 bit RSA private key
    ................++++++
    ............................++++++
    unable to write 'random state'
    writing new private key to '/opt/zimbra/ssl/ssl/server/server.key'
    -----
    ** Signing cert request
    
    Using configuration from /opt/zimbra/ssl/ssl/zmssl.cnf
    Check that the request matches the signature
    Signature ok
    Certificate Details:
            Serial Number: 5 (0x5)
            Validity
                Not Before: Nov 21 16:10:29 2005 GMT
                Not After : Nov 21 16:10:29 2006 GMT
            Subject:
                countryName               = US
                stateOrProvinceName       = N/A
                organizationName          = Zimbra Collaboration Suite
                commonName                = zimbra.*domain*.de
            X509v3 extensions:
                X509v3 Basic Constraints:
                CA:FALSE
                Netscape Comment:
                OpenSSL Generated Certificate
                X509v3 Subject Key Identifier:
                91:85:C3:06:87:D3:07:59:9E:B2:E9:8D:C6:00:29:28:51:2E:D7:10
                X509v3 Authority Key Identifier:
                DirName:/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/CN=mail.*domain*.mine.nu
                serial:00
    
    Certificate is to be certified until Nov 21 16:10:29 2006 GMT (365 days)
    
    Write out database with 1 new entries
    Data Base Updated
    unable to write 'random state'
    Signature ok
    subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=zimbra.*domain*.de
    Getting CA Private Key
    unable to write 'random state'

  6. #6
    Join Date
    Nov 2005
    Location
    Austria
    Posts
    223
    Rep Power
    9

    Default

    (Because it said "you have too many images in your post" i splitted my post)


    Code:
    [zimbra@mail ~]$ zmcertinstall mailbox
    ** Importing server cert
    
    Owner: CN=zimbra.glatter-goetz.de, O=Zimbra Collaboration Suite, ST=N/A, C=US
    Issuer: CN=mail.goetzi.mine.nu, O=Zimbra Collaboration Suite, L=N/A, ST=N/A, C=US
    Serial number: 5
    Valid from: Mon Nov 21 17:10:29 CET 2005 until: Tue Nov 21 17:10:29 CET 2006
    Certificate fingerprints:
             MD5:  E5:A6:A7:FE:66:7B:E3:11:34:32:E9:F5:77:75:E4:7C
             SHA1: CD:A8:D8:CC:5C:CB:03:BD:08:A1:32:14:7A:D8:08:C9:DC:47:0F:14
    Trust this certificate? [no]:  y
    Certificate was added to keystore
    Code:
    [zimbra@mail ~]$ tomcat stop
    Using CATALINA_BASE:   /opt/zimbra/tomcat
    Using CATALINA_HOME:   /opt/zimbra/tomcat
    Using CATALINA_TMPDIR: /opt/zimbra/tomcat/temp
    Using JRE_HOME:       /opt/zimbra/java
    Waiting . shutdown ok
    [zimbra@mail ~]$ tomcat start
    [zimbra@mail ~]$

  7. #7
    Join Date
    Nov 2005
    Location
    Austria
    Posts
    223
    Rep Power
    9

    Default

    OK, looks like this fixed it:

    Code:
    zmcreatecert
    zmcertinstall mta ssl/ssl/server/server.crt ssl/ssl/server/server.key

  8. #8
    Join Date
    Dec 2005
    Posts
    15
    Rep Power
    9

    Default

    Quote Originally Posted by goetzi
    OK, looks like this fixed it:

    Code:
    zmcreatecert
    zmcertinstall mta ssl/ssl/server/server.crt ssl/ssl/server/server.key

    I have followed these steps as well as some outlined in other posts and am still at a loss to get rid of the 'no compatible encryption' error on port 7071

    anymore advise y'all could give?

  9. #9
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default no compatible encryption

    zmcertinstall mailbox
    tomcat stop
    tomcat start

  10. #10
    Join Date
    Dec 2005
    Posts
    15
    Rep Power
    9

    Default

    Quote Originally Posted by marcmac
    zmcertinstall mailbox
    tomcat stop
    tomcat start

    tried doing this again, I still end up with the same error.

    anything else?
    thanks

Similar Threads

  1. initializing ldap...FAILED(256)ERROR
    By manjunath in forum Installation
    Replies: 39
    Last Post: 06-07-2013, 10:27 AM
  2. Zimbra fails after working for 2 weeks
    By Linsys in forum Administrators
    Replies: 10
    Last Post: 10-07-2008, 12:42 AM
  3. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM
  4. Error 256 on Installation
    By RuinExplorer in forum Installation
    Replies: 5
    Last Post: 10-19-2006, 09:19 AM
  5. Replies: 18
    Last Post: 03-20-2006, 01:22 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •