unable to modify domain from AdminConsole - Invalid certificate or private key

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Posts: 45
Joined: Wed Jun 28, 2017 9:40 am

unable to modify domain from AdminConsole - Invalid certificate or private key

Postby simred » Tue Aug 21, 2018 4:37 pm

I've a working ZCS OSS 8.8.9 multinode setup. I've an host for the proxy and another host for the admin. Other hosts for mta and stores.
After I installed from CLI a per domain commercial certificate (Comodo certificate) on the proxy node, I'm unable to modify the domain from AdminConsole. When I click "save" in Configure-->domain->example.com I got the error "Invalid certificate or private key" (screenshot of the error was attached). From CLI I'm able to modify the domain. Before I installed the certificate I was able to modify the domain from AdminConsole.

This is all the steps on proxy node (no errors):
zmprov cd example.com zimbraAuthMech zimbra
zmprov md example.com zimbraVirtualHostName mail.example.com
zmprov md example.com zimbraVirtualIPAddress x.y.u.i

/opt/zimbra/libexec/zmdomaincertmgr savecrt example.com /opt/zimbra/certs/example.com.bundle /opt/zimbra/certs/server.key
/opt/zimbra/libexec/zmdomaincertmgr deploycrts

zmprov md proxys.com zimbraPublicServiceHostname mail.example.com
zmprov md proxys.com zimbraPublicServiceProtocol https
zmprov md proxys.com zimbraPublicServicePort 443

After proxy was restarted, the webmail shows the correct certificate was loaded.
Please note that the private key is passwordless, and the command "/opt/zimbra/bin/zmcertmgr verifycrt comm ..." returns "Valid certificate chain: ./server.crt: OK"

Any Idea? How to better troubleshoot?

Tnx & br.
dom-error.jpg (105.41 KiB) Viewed 178 times
cert-error.png (42.5 KiB) Viewed 178 times

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 17 guests