Install Commercial SSL to OpenSource Zimbra server

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
vinhhv
Posts: 2
Joined: Tue Oct 09, 2018 3:20 am

Install Commercial SSL to OpenSource Zimbra server

Postby vinhhv » Tue Oct 09, 2018 3:46 am

Hi all,
I have a open source Zimbra server (6.0.2_GA_192.RHEL4_20091020152629 CentOS4 FOSS edition) and i using Self-Singed Certificate
I have a issue with Apple device when they upgrade policy in IOS 12 version
I purchase positiveSSL from Comondo and install it in my our server but not sucessfully
When i check the Key is OK
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt /opt/tool/ssl/hcmcexch2.atvn.com.vn.ca-bundle
** Verifying /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (/opt/tool/ssl/hcmcexch2.atvn.com.vn.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt: OK

But i cannot deploy
/opt/zimbra/bin/zmcertmgr deploycrt comm /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt /opt/tool/ssl/hcmcexch2.atvn.com.vn.ca-bundle
** Verifying /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt against /opt/zimbra/ssl/zimbra/commercial/commercial.key
Certificate (/opt/tool/ssl/hcmcexch2.atvn.com.vn.crt) and private key (/opt/zimbra/ssl/zimbra/commercial/commercial.key) match.
Valid Certificate: /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt: OK
** Copying /opt/tool/ssl/hcmcexch2.atvn.com.vn.crt to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Appending ca chain /opt/tool/ssl/hcmcexch2.atvn.com.vn.ca-bundle to /opt/zimbra/ssl/zimbra/commercial/commercial.crt
** Saving server config key zimbraSSLCertificate...done.
** Saving server config key zimbraSSLPrivateKey...done.
** Installing mta certificate and key...done.
** Installing slapd certificate and key...done.
** Installing proxy certificate and key...done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12...failed.

XXXXX ERROR: failed to create jetty.pkcs12
No certificate matches private key

have anybody can help me to solve this issue?
Thanks and Regards,
Vinh


pup_seba
Outstanding Member
Outstanding Member
Posts: 448
Joined: Sat Sep 13, 2014 2:43 am
Location: Tarragona - Spain

Re: Install Commercial SSL to OpenSource Zimbra server

Postby pup_seba » Tue Oct 09, 2018 9:54 am

First time i see that error but the first google search result returned this: https://wiki.zimbra.com/wiki/Failed_to_ ... tty.pkcs12

Imagevia Imgflip Meme Generator
vinhhv
Posts: 2
Joined: Tue Oct 09, 2018 3:20 am

Re: Install Commercial SSL to OpenSource Zimbra server

Postby vinhhv » Thu Oct 11, 2018 2:14 am

Thank you so much.
My issue is fix and my solution is
"Ensure there's a newline at the end of each cert. If there isn't, the end of one cert and the beginning of the next cert cat on the same line, causing this error. If it isn't this, check for other similar formatting errors in the certs, like an extra space at the end of each line, etc. " as the following https://wiki.zimbra.com/wiki/Certificate_errors

Return to “Administrators”

Who is online

Users browsing this forum: Baidu [Spider] and 28 guests