Yesterday I install my multi-server Zimbra system 2 LDAP, 1 MTA, 1 Mailstore. Everything went pretty smoothly with help from Marcmac *clapping*. I found a problem when trying to send mail though. There was a bunch of TLS errors in the zimbra.log on the MTA. So I went and looked in my install logs and there are some certificate and keystore errors. I removed all instances of Zimbra from my servers cleaned out any sign of zimbra that I could find and now I have just finished installing my master LDAP server. I have the same errors as before, I have search the forums for information on these errors, as I know there is a ton of info on certificates and what not, but I came up dry. Here is a snippit of my log file:
Code:
** Creating CA private key

Generating a 1024 bit RSA private key
...++++++
..++++++
unable to write 'random state'
writing new private key to '/opt/zimbra/ssl/ssl/ca/ca.key'
-----
** Creating CA cert

Signature ok
subject=/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/CN=titan.largnet.on.ca
Getting Private key
unable to write 'random state'
mkdir: cannot create directory `/opt/zimbra/tomcat': Permission denied
** Importing CA

Certificate was added to keystore
** Creating keystore

keytool error: java.io.FileNotFoundException: /opt/zimbra/tomcat/conf/keystore (No such file or directory)
** Creating server cert request

Generating a 1024 bit RSA private key
.......................................................++++++
.................................++++++
unable to write 'random state'
writing new private key to '/opt/zimbra/ssl/ssl/server/server.key'
-----
keytool error: java.lang.Exception: Keystore file does not exist: /opt/zimbra/tomcat/conf/keystore
cp: cannot stat `/opt/zimbra/ssl/ssl/server/tomcat.csr': No such file or directory
cat: /tmp/tomcat.csr.3478: No such file or directory
** Signing cert request

Using configuration from /opt/zimbra/ssl/ssl/zmssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
- break -
Write out database with 1 new entries
Data Base Updated
unable to write 'random state'
3574:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:642:Expecting: CERTIFICATE REQUEST
unable to write 'random state'
Started slapd: pid 3808
From reading these forums and other sources I understand the unable to write random state isn't really anything to worry about. But the unable to create directory seems wrong, I am running the install as root. The only thought that comes to mind on this is that tomcat is not required for LDAP so it is not installed? And since it was unable to create that directory the keystore commands start to choke and it just goes from bad to worse. Thanks in advanced for your help!