Results 1 to 3 of 3

Thread: Upgrade SLAPD Cert problem

Hybrid View

  1. #1
    Join Date
    Nov 2005
    Rep Power

    Default Upgrade SLAPD Cert problem

    I just ran the upgrade script, installed the new tar file on Fedora Core 3, and am now stuck at the config screen:

    Checking ldap on localhost:389...FAILED
    Checking ldap on localhost:389...FAILED
    Main menu
       1) Hostname:                      
       2) Ldap master host:              
       3) Ldap port:                               389
       4) Ldap password:                           set
       5) zimbra-ldap:                             Enabled
       6) zimbra-store:                            Enabled
       7) zimbra-mta:                              Enabled
       8) zimbra-snmp:                             Enabled
       9) zimbra-logger:                           Enabled
      10) zimbra-spell:                            Enabled
       r) Start servers after configuration        yes
       s) Save config to file
       x) Expand menu
       q) Quit
    Address unconfigured (**) items or correct ldap configuration  (? - help)
    I uncommented the errorlog 0 line from slapd.conf and this is what the zimbra log tells me:

    Nov 29 09:55:09 mail slapd[25170]: @(#) $OpenLDAP: slapd 2.2.28 (Nov  9 2005 12:02:16) $
    Nov 29 09:55:09 mail slapd[25170]: bdb_db_init: Initializing BDB database
    Nov 29 09:55:09 mail slapd[25170]: main: TLS init def ctx failed: -1
    Nov 29 09:55:09 mail slapd[25170]: slapd stopped.
    Nov 29 09:55:09 mail slapd[25170]: connections_destroy: nothing to destroy.
    I looked into the TLS error, and it sent me back to the slapd.conf file to make sure the certificates were listed, and that they existed. My slapd.conf file looks like this:

    TLSCertificateFile /opt/zimbra/conf/slapd.crt
    TLSCertificateKeyFile /opt/zimbra/conf/slapd.key
    TLSVerifyClient never
    TLSCACertificateFile /opt/zimbra/conf/ca/ca.pem
    If I look in the /opt/zimbra/conf directory however, none of the files exist. I assume they should be there, but since they aren't, what should I do?

    As a side note I also had to add the root slapd password to the slapd.conf file. It was listed in the config screen, but was not in the conf file, which also prevented slapd from starting up.


  2. #2
    Join Date
    Sep 2005
    Rep Power

    Default slapd

    The root password should be in /opt/zimbra/conf/slapd.conf in an encrypted format - search for "SHA" to find it.

    For the certs - run zmcreateca, then zmcreatecert, and the ldap certs will be created.

  3. #3
    Join Date
    Nov 2005
    Rep Power

    Default That got it

    That got it. Thanks.

Similar Threads

  1. 4.01 to 4.02 upgrade problem (with solution)
    By criley in forum Migration
    Replies: 2
    Last Post: 09-28-2006, 11:36 PM
  2. Certificate problem following 3.1.0 -> 4.0 upgrade
    By simonellistonball in forum Migration
    Replies: 5
    Last Post: 09-26-2006, 01:56 PM
  3. 3.1.3OS Upgrade Problem
    By mcevoys in forum Installation
    Replies: 7
    Last Post: 06-16-2006, 09:47 AM
  4. SSL Cert Problem using SOAP API
    By pbwebguy in forum Developers
    Replies: 1
    Last Post: 06-06-2006, 05:29 PM
  5. Odd GA upgrade problem
    By drewage in forum Installation
    Replies: 2
    Last Post: 02-08-2006, 09:17 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts