Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: lost connection after STARTTLS

  1. #11
    Join Date
    Sep 2005
    Location
    Calgary
    Posts
    208
    Rep Power
    10

    Default

    [zimbra@shoemasters ~]$ sh -x bin/zmcreatecert
    + CONF=/opt/zimbra/conf
    + TCONF=/opt/zimbra/tomcat/conf
    + B=/opt/zimbra/ssl
    + BASE=/opt/zimbra/ssl/ssl
    + JAVA_HOME=/opt/zimbra/java
    + TOMCAT=/opt/zimbra/tomcat/conf
    + rm -rf /opt/zimbra/ssl/ssl/newCA
    + mkdir -p /opt/zimbra/ssl/ssl/ca
    + mkdir -p /opt/zimbra/ssl/ssl/newCA/newcerts
    + touch /opt/zimbra/ssl/ssl/newCA/index.txt
    + mkdir -p /opt/zimbra/ssl/ssl/cert
    + mkdir -p /opt/zimbra/ssl/ssl/server
    + mkdir -p /opt/zimbra/tomcat/conf
    + getHostInfo
    ++ /opt/zimbra/bin/zmlocalconfig -m nokey zimbra_server_hostname
    + H=shoemasters.com
    + createConf
    + cat /opt/zimbra/conf/zmssl.cnf.in
    + sed -e s/@@HOSTNAME@@/shoemasters.com/
    + createSerial
    + '[' -f /opt/zimbra/ssl/ssl/ca/ca.srl ']'
    ++ cat /opt/zimbra/ssl/ssl/ca/ca.srl
    + SER=06
    ++ expr 06 + 1
    + SER=7
    + '[' 7 -lt 10 ']'
    + SER=07
    + echo 07
    + importCA
    + echo '** Importing CA'
    ** Importing CA
    + echo

    + keytool -import -noprompt -keystore /opt/zimbra/java/jre/lib/security/cacerts -file /opt/zimbra/ssl/ssl/ca/ca.pem -alias my_ca -storepass changeit
    keytool error: java.lang.Exception: Certificate not imported, alias <my_ca> already exists
    + createKeyStore
    + echo '** Creating keystore'
    ** Creating keystore
    + echo

    + rm -f /opt/zimbra/tomcat/conf/keystore
    + keytool -genkey -dname 'CN=shoemasters.com, OU=Zimbra, O=Zimbra, L=NA, S=NA, C=US' -alias tomcat -keyalg RSA -keysize 1024 -keystore /opt/zimbra/tomcat/conf/keystore -storetype JKS -storepass zimbra -keypass zimbra
    + createCertReq
    + echo '** Creating server cert request'
    ** Creating server cert request
    + echo

    + openssl req -new -nodes -out /opt/zimbra/ssl/ssl/server/server.csr -keyout /opt/zimbra/ssl/ssl/server/server.key -newkey rsa:1024 -config /opt/zimbra/ssl/ssl/zmssl.cnf -batch
    Generating a 1024 bit RSA private key
    .++++++
    ............++++++
    unable to write 'random state'
    writing new private key to '/opt/zimbra/ssl/ssl/server/server.key'
    -----
    + keytool -certreq -keyalg RSA -alias tomcat -file /opt/zimbra/ssl/ssl/server/tomcat.csr -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
    + cp /opt/zimbra/ssl/ssl/server/tomcat.csr /tmp/tomcat.csr.9212
    + cat /tmp/tomcat.csr.9212
    + sed -e 's/NEW CERTIFICATE REQUEST/CERTIFICATE REQUEST/'
    + signCertReq
    + echo '** Signing cert request'
    ** Signing cert request
    + echo

    + openssl ca -out /opt/zimbra/ssl/ssl/server/server.crt -notext -config /opt/zimbra/ssl/ssl/zmssl.cnf -in /opt/zimbra/ssl/ssl/server/server.csr -keyfile /opt/zimbra/ssl/ssl/ca/ca.key -cert /opt/zimbra/ssl/ssl/ca/ca.pem -batch
    Using configuration from /opt/zimbra/ssl/ssl/zmssl.cnf
    Check that the request matches the signature
    Signature ok
    Certificate Details:
    Serial Number: 7 (0x7)
    Validity
    Not Before: Nov 29 10:29:24 2005 GMT
    Not After : Nov 29 10:29:24 2006 GMT
    Subject:
    countryName = US
    stateOrProvinceName = N/A
    organizationName = Zimbra Collaboration Suite
    commonName = shoemasters.com
    X509v3 extensions:
    X509v3 Basic Constraints:
    CA:FALSE
    Netscape Comment:
    OpenSSL Generated Certificate
    X509v3 Subject Key Identifier:
    49:A2:55:5D:6E:53:91:31:70:C6:7C:56:04:6A2:AC:48:6C:1D:F9
    X509v3 Authority Key Identifier:
    DirName:/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/CN=shoemasters.com
    serial:00

    Certificate is to be certified until Nov 29 10:29:24 2006 GMT (365 days)

    Write out database with 1 new entries
    Data Base Updated
    unable to write 'random state'
    + openssl x509 -CA /opt/zimbra/ssl/ssl/ca/ca.pem -CAkey /opt/zimbra/ssl/ssl/ca/ca.key -CAserial /opt/zimbra/ssl/ssl/ca/ca.srl -req -in /opt/zimbra/ssl/ssl/server/tomcat.csr -out /opt/zimbra/ssl/ssl/server/tomcat.crt -days 365
    Signature ok
    subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=shoemasters.com
    Getting CA Private Key
    unable to write 'random state'
    + cp /opt/zimbra/ssl/ssl/server/server.crt /opt/zimbra/conf/slapd.crt
    + cp /opt/zimbra/ssl/ssl/server/server.key /opt/zimbra/conf/slapd.key
    + mkdir -p /opt/zimbra/conf/ca
    + cp /opt/zimbra/ssl/ssl/ca/ca.key /opt/zimbra/conf/ca/ca.key
    + cp /opt/zimbra/ssl/ssl/ca/ca.pem /opt/zimbra/conf/ca/ca.pem
    Computer King

    http://www.computerking.ca

    Sales, Service, and Hosting
    Email, Data, and Web Packages
    Ask about web design specials

    Affiliates
    http://www.computerking.ca/pages/lin...affiliates.htm

  2. #12
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default Follow this thread

    http://www.zimbra.com/forums/showthr...p?threadid=865

    This is the same issue, so let's move the discussion over there - run the zmcertinstall listed in that thread.

Similar Threads

  1. zmprov mc default zimbraFeatureNotebookEnabled TRUE
    By nbhanji in forum Installation
    Replies: 11
    Last Post: 04-29-2008, 11:39 AM
  2. Replies: 3
    Last Post: 07-19-2007, 03:00 AM
  3. SMTP SSL Problem
    By nexus in forum Installation
    Replies: 8
    Last Post: 03-15-2007, 08:26 AM
  4. lost connection after RCPT
    By scott_mcneilage in forum Administrators
    Replies: 1
    Last Post: 05-20-2006, 05:00 AM
  5. lost connection after AUTH
    By avisser in forum Administrators
    Replies: 4
    Last Post: 10-18-2005, 03:05 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •