Zimbra stop working.

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
vicksel
Posts: 6
Joined: Wed Jul 18, 2018 4:51 pm

Zimbra stop working.

Post by vicksel »

Hi, I have zimbra 8.7.11 installed on centos, 4 days ago stop working, my cert expired on july 10 but I have tried to renew the certificate but it doesn't work.

Also I try to backup the users and mailbox to migrate to a newer zimbra installation, but I couldn't because all the scripts I have found uses zimbra rest service but I can use it because my zimbra don't start.

When I try to make a query with ldap command also it says
ldap_bind invalid credentials (49) zimbra

I am using this guide

https://preview.ibb.co/cpPbod/guide.png

It already check the ldap passwords and they are correct but it continues saying "invalid credentials".

I tryied changing the passwords with the "zmldappasswd" command and then try with the new password and it's the same.

Any ideas?

Thank you!
User avatar
JDunphy
Outstanding Member
Outstanding Member
Posts: 889
Joined: Fri Sep 12, 2014 11:18 pm
Location: Victoria, BC
ZCS/ZD Version: 9.0.0_P39 NETWORK Edition

Re: Zimbra stop working.

Post by JDunphy »

Just generate a new certificate from the command line and install it. I use letsencrypt but you could do a self signed cert.

I had exactly the same thing happen to me on a centos development machine running 8.7.11 and just generated a new letsencrypt cert.

This might work for the self-sign. It from a script I used many many years ago.

Code: Select all

su - zimbra
zmcertmgr createca -new
zmcertmgr createcrt -new -days 1024 -subject "/C=CA/ST=AB/L=NVA/O=Example Computing/OU=Managed Services/CN=mail.example.com"
zmcertmgr createcrt -new -days 1024 -subjectAltNames "mail.example.net"
zmcertmgr deploycrt self
I think it's easier to generate letsencrypt certificates these days. In any event, once you get your cert installed, zimbra should come backup.
vicksel
Posts: 6
Joined: Wed Jul 18, 2018 4:51 pm

Re: Zimbra stop working.

Post by vicksel »

Hi,

I already run that command but I have an error when "zmprov" command try to save the "zimbraSSLPrivateKey".

When I try to renew the certificate.
Image

This happens when I run the "zmprov" command
Image
User avatar
JDunphy
Outstanding Member
Outstanding Member
Posts: 889
Joined: Fri Sep 12, 2014 11:18 pm
Location: Victoria, BC
ZCS/ZD Version: 9.0.0_P39 NETWORK Edition

Re: Zimbra stop working.

Post by JDunphy »

vicksel wrote:Hi,

I already run that command but I have an error when "zmprov" command try to save the "zimbraSSLPrivateKey".

When I try to renew the certificate.
Image
That certificate didn't install. You need a valid certificate so watch for errors during the install. If it installs you will see success in the output of zmcertmgr. Once you have it installed successfully, restart zimbra so that ldap comes up.
Make sure you have 'zmhostname` as one of the names for the certificate if you have forgotten. If that cert came from my guess above at self-signing then use letsencrypt or research how to generate a self signed certificate from these forums. Things are not that bad. Once you get the certificate installed, it will all work without issue. Expired certs are just that... get a new one and install it from the command line. restart zimbra and off you go.
User avatar
JDunphy
Outstanding Member
Outstanding Member
Posts: 889
Joined: Fri Sep 12, 2014 11:18 pm
Location: Victoria, BC
ZCS/ZD Version: 9.0.0_P39 NETWORK Edition

Re: Zimbra stop working.

Post by JDunphy »

Once you are up and running... then you can renew or do whatever method you want for the certificate you want. I provided 2 methods that are free to get you up and running.
Post Reply