Search found 533 matches
- Mon Apr 10, 2017 2:58 pm
- Forum: Administrators
- Topic: Another Letsencrypt method
- Replies: 113
- Views: 219948
Re: Another Letsencrypt method
Thought I would mention the CAA record for DNS. Because I run centos 6, I am using the type257 method because my bind version doesn't support the CAA type. ; CAA record for letsencrypt example.net. IN TYPE257 \# 22 000569737375656C657473656E63727970742E6F7267 So in theory, browsers won't accept a ce...
- Sat Feb 18, 2017 4:19 pm
- Forum: Administrators
- Topic: Another Letsencrypt method
- Replies: 113
- Views: 219948
Re: Another Letsencrypt method
Here is another gotcha waiting for people. It isn't a letsencrypt problem as zmcontrol restart issue which you will see because you are probably restarting more frequently that others because of CERT renewals. I have a machine that has gone through about 25 of these automatic cycles until last night...
- Wed Feb 08, 2017 11:54 pm
- Forum: Administrators
- Topic: Another Letsencrypt method
- Replies: 113
- Views: 219948
Re: Another Letsencrypt method
Would this do? I was documenting and reworking the script I use yesterday... It's here: https://github.com/JimDunphy/deploy-zimbra-letsencrypt.sh ... I will double check that renew-hook option to acme.sh tomorrow. I decoupled the acme.sh stuff from my script. That way I can verify different configur...
- Fri Feb 03, 2017 6:08 pm
- Forum: Administrators
- Topic: Another Letsencrypt method
- Replies: 113
- Views: 219948
Re: Another Letsencrypt method
Interesting Question. acme.sh --install does add via cron an entry to automate this and update the cert every 60 days unless you force it. I commented out the cron entry because I copy the .acme.sh directory to the production machines and then ran my script against it. But when I was testing my proc...
- Sun Jan 29, 2017 5:44 pm
- Forum: Administrators
- Topic: [Zimbra Open Source] Cannot get Proxy and Memcached working on v8.6
- Replies: 11
- Views: 5736
Re: [Zimbra Open Source] Cannot get Proxy and Memcached working on v8.6
Wild guess here. netstat -tnpl | grep memcached shows tcp 0 0 0.0.0.0:11211 0.0.0.0:* LISTEN 989/memcached tcp6 0 0 :::11211 :::* LISTEN 989/memcached I see both ipv4 and ipv6 on one of those netstat's ... This thread might help http://forums.zimbra.org/viewtopic.php?f=15&t=61041&hilit=cento...
- Sat Jan 28, 2017 5:21 pm
- Forum: Installation and Upgrade
- Topic: Findings: Upgrade 8.0.7 to 8.7.n (Centos 6.5)
- Replies: 16
- Views: 8279
Re: Findings: Upgrade 8.0.7 to 8.7.n (Centos 6.5)
I noticed that you had to disable secure connections for ldap which I assume was for your SSL/CERTS??? I think you said you did this to get something working so you could move on. zmlocalconfig -e ldap_starttls_supported=0 zmlocalconfig -e ldap_starttls_required=false zmcontrol restart If ldap is no...
- Sat Jan 28, 2017 12:17 am
- Forum: Administrators
- Topic: Simple program to report successful/fail ip logins and sorted by count
- Replies: 29
- Views: 8852
Simple program to report successful/fail ip logins and sorted by count
In case anyone wants to track ip's with user login and the counts by ip. I use it to look for compromised accounts or ones that will be soon. ;-) It resulted from an active dictionary attack on one of our 8.7.1 servers so this quick/dirty script to see what was happening. Run the program without any...
- Fri Jan 27, 2017 11:27 pm
- Forum: Administrators
- Topic: Install New SSL Certificate
- Replies: 2
- Views: 803
Re: Install New SSL Certificate
A few guesses but I haven't experienced that message myself so keep that in mind. When I have received a verify error it is generally because the fullchain is incomplete ... but because you also have hostname listed in that error with ssh(22), I am wondering how you are invoking it. I tend to run it...
- Fri Jan 27, 2017 10:42 pm
- Forum: Installation and Upgrade
- Topic: Findings: Upgrade 8.0.7 to 8.7.n (Centos 6.5)
- Replies: 16
- Views: 8279
Re: Findings: Upgrade 8.0.7 to 8.7.n (Centos 6.5)
I am in the process of upgrading and am at the last stage of the installation. (Migrating mboxgroupXX) You will see that I have had to get over a couple of hurdles, but your input will be valuable for anyone stuck with the dilemma of having to upgrade. Oh my. I just read through some of the things ...
- Fri Jan 27, 2017 9:22 pm
- Forum: Installation and Upgrade
- Topic: Findings: Upgrade 8.0.7 to 8.7.n (Centos 6.5)
- Replies: 16
- Views: 8279
Re: Findings: Upgrade 8.0.7 to 8.7.n (Centos 6.5)
I am going to share a method from my personal blog on my centos 6+ and any zimbra upgrade process. I have done a variation of this since zimbra verson 6 if memory serves. It's intentionally simple (not too automated) with only a few commands. The technique also provides me with a method should we ha...