Results 1 to 5 of 5

Thread: Commercial certificate woes

  1. #1
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    7

    Default Commercial certificate woes

    So upgrading from 5.0.1 to 5.0.10 wiped my commercial certs.
    I reissued the CSR using All Servers and got new certs from godaddy. I have tried EVERYTHING and nothing is working. I have read all the treads about using ALL servers (which I am) and using different combinations of certs that godaddy sends you (I have) and I still get the error

    Your certificate was not installed due to the error : system failure: XXXXX ERROR: Unmatching certificate (/opt/zimbra/mailboxd/webapps/zimbraAdmin/tmp/current.crt) and private key (/opt/zimbra/mailboxd/webapps/zimbraAdmin/tmp/current_comm.key) pair.

    I have read that people tried the command line method, but I have too and most of them are for 4.x versions. PLEASE HELP IF YOU CAN

  2. #2
    Join Date
    Jul 2007
    Location
    San Jose, CA
    Posts
    1,027
    Rep Power
    10

    Default

    I know you say you've tried everything, but in my experience (and I have been on this forum for a little while) the search engine rarely helps me find just that part of "everything" that I'm actually looking for, even if I'm the one who wrote it. . .. . .so please don't take this as condescending which I'm not trying to be!

    But have you tried the steps I described here? Admittedly this was on an earlier 5.x.x release but it worked for me and seems to have worked for some others, and I did see the same error you have described before I did it exactly this way.

    Do let us know in as much excruciating detail as possible if you still have problems. . .
    Cheers,

    Dan

  3. #3
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    7

    Default yes I tried that

    I have tried that and several command line ones. Even the command line ones give the same error.

  4. #4
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    10

    Default

    Let's make sure there aren't any extra or old files in the way. Please post the output of "ls -laR ~/ssl/". Are you working with zmcertmgr? Run "sudo zmcertmgr -h" for some sample commands.

    BTW do you not have any backups of the old keystore and cert files? Check in /opt/zimbra/.saveconfig/

  5. #5
    Join Date
    Oct 2008
    Posts
    8
    Rep Power
    7

    Default

    Here is the output. I am sure there are no old files hanging around

    [root@metric ssl]# ls -laR *
    zimbra:
    total 40
    drwxr----- 5 root root 4096 Oct 3 12:04 .
    drwxr-xr-x 3 zimbra zimbra 4096 Oct 3 12:04 ..
    drwxr----- 3 root root 4096 Oct 3 12:04 ca
    drwxr----- 2 root root 4096 Oct 3 12:04 commercial
    drwxr----- 2 root root 4096 Oct 3 12:04 server

    zimbra/ca:
    total 72
    drwxr----- 3 root root 4096 Oct 3 12:04 .
    drwxr----- 5 root root 4096 Oct 3 12:04 ..
    -rw-r----- 1 root root 708 Oct 3 12:04 ca.csr
    -rw------- 1 zimbra root 887 Oct 3 12:04 ca.key
    -rw-r--r-- 1 zimbra root 871 Oct 3 12:04 ca.pem
    -rw-r--r-- 1 root root 11 Oct 3 12:04 ca.srl
    -rwxr----- 1 root root 0 Oct 3 12:04 index.txt
    drwxr----- 2 root root 4096 Oct 3 12:04 newcerts
    -rw-r----- 1 zimbra zimbra 7677 Oct 3 12:04 zmssl.cnf

    zimbra/ca/newcerts:
    total 16
    drwxr----- 2 root root 4096 Oct 3 12:04 .
    drwxr----- 3 root root 4096 Oct 3 12:04 ..

    zimbra/commercial:
    total 32
    drwxr----- 2 root root 4096 Oct 3 12:04 .
    drwxr----- 5 root root 4096 Oct 3 12:04 ..
    -rw-r--r-- 1 root root 708 Oct 3 12:04 commercial.csr
    -rw-r--r-- 1 root root 891 Oct 3 12:04 commercial.key

    zimbra/server:
    total 16
    drwxr----- 2 root root 4096 Oct 3 12:04 .
    drwxr----- 5 root root 4096 Oct 3 12:04 ..



    And yes I have used zmcertmgr and know how to work with it. It gives the same error.

Similar Threads

  1. Install a commercial SSL certificate ??
    By nick20 in forum Installation
    Replies: 6
    Last Post: 06-23-2010, 03:08 AM
  2. Problem with Commercial Certificate in 5.0.9 GA
    By bibo in forum Administrators
    Replies: 3
    Last Post: 09-17-2008, 06:03 AM
  3. [SOLVED] Commercial Certificate issue - thawte - again
    By galezer in forum Administrators
    Replies: 7
    Last Post: 06-26-2008, 02:07 AM
  4. Replies: 1
    Last Post: 11-05-2007, 05:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •