Results 1 to 2 of 2

Thread: Problem with extern accounts caused of certification issues

  1. #1
    Join Date
    Oct 2013
    Posts
    2
    Rep Power
    2

    Default Problem with extern accounts caused of certification issues

    Hi there

    I've just installed Zimbra 8 OpenSource on Ubuntu 12 64Bit (VirtualBox machine...let's call this machine ZIMBRA) for testing reasons. After installation I've installed the self-signed certificates by the certification web console manager successfully.

    I've got an extern Server with cyrus imap running well on port 143 and 993 (imaps). Let's call this Server EXTERN.

    On ZIMBRA I installed Evolution and Thunderbird for testing reasons. The IMAP-mail account of let's say USER on EXTERN could be configured well and works by using the non-secure imap protocol on port 143 and the secure (ssl) imaps protocol on port 993 for Evolution and Thunderbird as well. With both clients everything is nice using ZIMBRA as client host accessing the IMAP account on EXTERN.


    I log in to the account I created on ZIMBRA via the Zimbra web-interface and in Settings/accounts I want to add this USER account but it doesn't work.


    I click on imap, enter the right user name, password and the official (from Internet accessible, same as in Evolution and Thunderbird) FQN of EXTERN and it doesn't work. It just messages FAILED. Same effect when turning on SSL and connecting through port 993.


    On EXTERN, the cyrus server on the internet messages:

    When trying to connect via imap 143

    Oct 14 21:19:19 ERSETZT master[22939]: about to exec /usr/lib/cyrus/bin/imapd
    Oct 14 21:19:19 ERSETZT imap[22939]: executed
    Oct 14 21:19:19 ERSETZT imap[22939]: accepted connection
    Oct 14 21:19:19 ERSETZT imap[22939]: TLS server engine: cannot load CA data
    Oct 14 21:19:19 ERSETZT imap[22939]: imapd:Loading hard-coded DH parameters
    Oct 14 21:19:19 ERSETZT imap[22939]: TLS server engine: No CA file specified. Client side certs may not work
    Oct 14 21:19:19 ERSETZT imap[22939]: SSL_accept() incomplete -> wait
    Oct 14 21:19:19 ERSETZT imap[22939]: sslv3 alert certificate unknown in SSL_acce pt() -> fail
    Oct 14 21:19:19 ERSETZT imap[22939]: STARTTLS negotiation failed: %IP of Zimbra Server%


    When trying to connect via imaps 993

    Oct 14 21:46:37 ERSETZT imaps[23172]: accepted connection
    Oct 14 21:46:37 ERSETZT imaps[23172]: TLS server engine: cannot load CA data
    Oct 14 21:46:37 ERSETZT imaps[23172]: imapd:Loading hard-coded DH parameters
    Oct 14 21:46:37 ERSETZT imaps[23172]: SSL_accept() incomplete -> wait
    Oct 14 21:46:37 ERSETZT imaps[23172]: sslv3 alert certificate unknown in SSL_accept() -> fail
    Oct 14 21:46:37 ERSETZT imaps[23172]: imaps TLS negotiation failed: %IP%
    Oct 14 21:46:37 ERSETZT imaps[23172]: Fatal error: tls_start_servertls() failed
    Oct 14 21:46:37 ERSETZT master[5217]: process 23172 exited, status 75
    Oct 14 21:46:37 ERSETZT master[5217]: service imaps pid 23172 in BUSY state: terminated abnormally



    I've tried several ways of generating new server certificates for ZIMBRA but I always had the same behaviour.

    What way might be helpful here? What can be done here? Obviously it's a certificate issue related to the zimbra instance only (even Evolution and Thundbird on the SAME machine can handle the certificates properly).


    Regards

  2. #2
    Join Date
    Oct 2013
    Posts
    2
    Rep Power
    2

    Default

    I tried also this
    Problem with Certificate can cause MTA Failure - Zimbra :: Wiki

    but it didn't help me out. I always get the same error. What do you think is the reason for that? Doesn't anyone know how to solve this problem?

    Regards

Similar Threads

  1. Replies: 9
    Last Post: 06-10-2013, 07:56 AM
  2. Password synchronization between extern Ldap and Zimbra
    By saucisson47 in forum Administrators
    Replies: 1
    Last Post: 02-11-2010, 02:33 PM
  3. Replies: 2
    Last Post: 03-04-2009, 11:11 AM
  4. [SOLVED] Auth from Extern LDAP
    By augustobsb in forum Administrators
    Replies: 14
    Last Post: 05-07-2008, 09:10 PM
  5. [SOLVED] Import Data from LDAP Extern
    By augustobsb in forum Administrators
    Replies: 0
    Last Post: 04-29-2008, 11:13 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •