SSL Certs will not install from gui

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
User avatar
kdmiller45
Posts: 32
Joined: Sun Jan 19, 2020 11:08 pm

SSL Certs will not install from gui

Postby kdmiller45 » Sat Apr 18, 2020 12:04 am

I'm having a horrible time installing Godaddy certs through the GUI,

I get the following error
SSL Certs install.jpg
SSL Certs install.jpg (49.42 KiB) Viewed 2169 times


Ubuntu Server 18.04
Zimbra 8.8.15_GA_3978.FOSS

can you assist


phoenix
Ambassador
Ambassador
Posts: 26781
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Re: SSL Certs will not install from gui

Postby phoenix » Sat Apr 18, 2020 5:54 am

Use the command line, there's a wiki article that covers Godaddy certificates.
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
User avatar
kdmiller45
Posts: 32
Joined: Sun Jan 19, 2020 11:08 pm

Re: SSL Certs will not install from gui

Postby kdmiller45 » Mon Apr 20, 2020 7:39 pm

Are the Certificates the problem or the gui interface

Keith
User avatar
DualBoot
Elite member
Elite member
Posts: 1321
Joined: Mon Apr 18, 2016 8:18 pm
Location: France - Earth
ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
Contact:

Re: SSL Certs will not install from gui

Postby DualBoot » Tue Apr 21, 2020 9:13 am

Hello,

it seems that the problem is your SSH connection with key exchange.

Regards,
User avatar
kdmiller45
Posts: 32
Joined: Sun Jan 19, 2020 11:08 pm

Re: SSL Certs will not install from gui

Postby kdmiller45 » Tue Apr 21, 2020 2:50 pm

For my knowledge can you please explain what you mean, my SSH connection with who's key exchange, my server or some site

Thanks for your patience and help

Keith
User avatar
DualBoot
Elite member
Elite member
Posts: 1321
Joined: Mon Apr 18, 2016 8:18 pm
Location: France - Earth
ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
Contact:

Re: SSL Certs will not install from gui

Postby DualBoot » Tue Apr 21, 2020 4:49 pm

Hello,

Zimbra talks to its different servers and itself with ssh.
Zimbra user is related to a ssh key pair and each ssh public key of each zimbra server
is exchanged between each other. So if there is a problem about a connection on remote
server on port 22 like in your screenshot, there must be a problem with that.
You can check that as zimbra user with zmcontrol command :
zmcontrol status -H localhost
zmcontrol status -H remote_zimbra_server_02
zmcontrol status -H and so on.

Regards,
User avatar
kdmiller45
Posts: 32
Joined: Sun Jan 19, 2020 11:08 pm

Re: SSL Certs will not install from gui

Postby kdmiller45 » Tue Apr 21, 2020 4:58 pm

Thank you very much for taking the time to explain, I will check my pfsense firewall and see if I have that port open.

I'm just a simple geek trying to learn

Thanks again
secunets
Posts: 2
Joined: Tue Apr 21, 2020 3:01 pm

Re: SSL Certs will not install from gui

Postby secunets » Sat Jan 09, 2021 12:18 am

I am also experiencing the same challenge which makes it hard to even generate CSR for SSL installation

DualBoot wrote:Hello,

Zimbra talks to its different servers and itself with ssh.
Zimbra user is related to a ssh key pair and each ssh public key of each zimbra server
is exchanged between each other. So if there is a problem about a connection on remote
server on port 22 like in your screenshot, there must be a problem with that.
You can check that as zimbra user with zmcontrol command :
zmcontrol status -H localhost
zmcontrol status -H remote_zimbra_server_02
zmcontrol status -H and so on.

Regards,
User avatar
L. Mark Stone
Elite member
Elite member
Posts: 2226
Joined: Wed Oct 09, 2013 11:35 am
Location: Portland, Maine, US
ZCS/ZD Version: 8.8.15 Network Edition
Contact:

Re: SSL Certs will not install from gui

Postby L. Mark Stone » Sat Jan 09, 2021 12:21 am

secunets wrote:I am also experiencing the same challenge which makes it hard to even generate CSR for SSL installation

DualBoot wrote:Hello,

Zimbra talks to its different servers and itself with ssh.
Zimbra user is related to a ssh key pair and each ssh public key of each zimbra server
is exchanged between each other. So if there is a problem about a connection on remote
server on port 22 like in your screenshot, there must be a problem with that.
You can check that as zimbra user with zmcontrol command :
zmcontrol status -H localhost
zmcontrol status -H remote_zimbra_server_02
zmcontrol status -H and so on.

Regards,


So if it is an inter/intra-server SSH problem, than on all of your Zimbra servers, first run "zmsshkeygen" and then after new SSH keys are finished generating, run "zmupdateauthkeys" on all of the Zimbra servers.

Hope that helps,
Mark
___________________________________
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
Zeta Alliance http://www.zetalliance.org/

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 20 guests