I've a working ZCS OSS 8.8.9 multinode setup. I've an host for the proxy and another host for the admin. Other hosts for mta and stores.
After I installed from CLI a per domain commercial certificate (Comodo certificate) on the proxy node, I'm unable to modify the domain from AdminConsole. When I click "save" in Configure-->domain->example.com I got the error "Invalid certificate or private key" (screenshot of the error was attached). From CLI I'm able to modify the domain. Before I installed the certificate I was able to modify the domain from AdminConsole.
This is all the steps on proxy node (no errors):
zmprov cd example.com zimbraAuthMech zimbra
zmprov md example.com zimbraVirtualHostName mail.example.com
zmprov md example.com zimbraVirtualIPAddress x.y.u.i
/opt/zimbra/libexec/zmdomaincertmgr savecrt example.com /opt/zimbra/certs/example.com.bundle /opt/zimbra/certs/server.key
zmprov md proxys.com zimbraPublicServiceHostname mail.example.com
zmprov md proxys.com zimbraPublicServiceProtocol https
zmprov md proxys.com zimbraPublicServicePort 443
After proxy was restarted, the webmail shows the correct certificate was loaded.
Please note that the private key is passwordless, and the command "/opt/zimbra/bin/zmcertmgr verifycrt comm ..." returns "Valid certificate chain: ./server.crt: OK"
Any Idea? How to better troubleshoot?
Tnx & br.
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
Discuss your pilot or production implementation with other Zimbra admins or our engineers.
1 post • Page 1 of 1
- dom-error.jpg (105.41 KiB) Viewed 71 times
- cert-error.png (42.5 KiB) Viewed 71 times
Who is online
Users browsing this forum: No registered users and 27 guests