Results 1 to 2 of 2

Thread: Zimbra Admin Service not using right SSL certs

  1. #1
    Join Date
    Mar 2006
    Rep Power

    Default Zimbra Admin Service not using right SSL certs

    After upgrading to 5.0 I used the Admin certificate tool to generate new certificates for my zimbra install. This worked fine for everything except the admin service its self on 7071. It continued to use the existing expired certificate. Digging around the Jetty configuration I found that the keystore that Jetty was using had two certs in it, the old one with the alias 'tomcat' and the new one with the alias 'jetty'. It looks like the jetty server is just taking the first cert in the chain. The solution is to delete the old tomcat certificate out of the keystore

    first cd into the jetty dir
    cd /opt/zimbra/jetty/etc
    list the certs to see if the old tomcat is there, password is zimbra
    /opt/zimbra/java/jre/bin/keytool -list -v -keystore ./keystore
    if it is delete it, password is zimbra
    /opt/zimbra/java/jre/bin/keytool -delete -v -keystore ./keystore -alias tomcat
    then restart the service to use the right cert.

    Hope this helps

  2. #2
    Join Date
    Dec 2007
    Rep Power


    I found this also. It affects all services running from jetty, so if you aren't using the proxy services, it affects imap, pop, etc.

Similar Threads

  1. Replies: 7
    Last Post: 01-24-2007, 10:03 PM
  2. Replies: 16
    Last Post: 09-07-2006, 06:39 AM
  3. Unable to start tomcat
    By chanck in forum Administrators
    Replies: 11
    Last Post: 06-11-2006, 12:58 AM
  4. port 7071 not listening OS X install
    By leeimber in forum Installation
    Replies: 7
    Last Post: 03-21-2006, 09:47 AM
  5. Mail logs
    By Rick Baker in forum Installation
    Replies: 8
    Last Post: 01-17-2006, 03:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts