Thank you! No virtualization, and I have backed up the entire box. As you advised, I will be sure to run the DB consistency checker while the Serv er is down, and before upgrade....
EDIT: It all went great, now running 8.8. from the single install script (after checking the DB)..
Search found 18 matches
- Tue Oct 23, 2018 9:25 pm
- Forum: Installation and Upgrade
- Topic: From 8.6 (patch 11) to 8.8.
- Replies: 2
- Views: 1745
- Tue Oct 23, 2018 8:38 pm
- Forum: Installation and Upgrade
- Topic: From 8.6 (patch 11) to 8.8.
- Replies: 2
- Views: 1745
From 8.6 (patch 11) to 8.8.
Two fast questions regarding an in-place upgrade from 8.6- patch 11 (single system running CentOS 6, just 5 email accounts, but "very important" shared calendars). I already have 'proxy' and 'memcached'. (1) Should I use the migration tool in some way, or just run the installer(s) ? (2) If...
- Thu Feb 23, 2017 3:56 pm
- Forum: Administrators
- Topic: incorrect response to web scan for PCI?
- Replies: 0
- Views: 889
incorrect response to web scan for PCI?
This apparent flaw doe not disqualify PCI status on my network, but the HTTP response (200) does not indicate anything erroneous:
https://my-external-v4-address/css/
is there a way we could respond with error on such a non-specific "sniff"?
https://my-external-v4-address/css/
is there a way we could respond with error on such a non-specific "sniff"?
- Wed May 04, 2016 5:52 pm
- Forum: Administrators
- Topic: Upgrading to openssl-1.0.2g within zimbra 8.6 (Centos 6): it seems to work!
- Replies: 4
- Views: 2518
Re: Upgrading to openssl-1.0.2g within zimbra 8.6 (Centos 6): it seems to work!
This upgrade process still works to upgrade to version 1.0.2h (released yesterday) - both from Zimbra 8.6p6 "original" 1.0.1, and from my previous Upgrade 1.0.2g. The ONLY change is specifying a compiler at the end of the ./Configure command. The new Release fixes CVE-2016-2107, and some l...
- Fri Mar 04, 2016 10:56 am
- Forum: Administrators
- Topic: DROWN -- Cross-protocol attack on TLS
- Replies: 2
- Views: 2023
DROWN -- Cross-protocol attack on TLS
My SWAG is no, DROWN is probably NOT prevented by earlier Zimbra updates for "Poodle". But this is a pure SWAG, and I'm only another SysAdmin - not a spokesperson for Zimbra. I eliminated the Vulnerability with a pair of upgrades - installing the latest JDK8, and then brand new, latest ope...
- Thu Mar 03, 2016 9:51 am
- Forum: Installation and Upgrade
- Topic: zimbra on web server
- Replies: 3
- Views: 1850
zimbra on web server
If you are an EXPERT, then the best way to do this will be to use zimbra proxy as the main web host, and create/install a new virtual host (or two) within nginx (for rewrite/transfer to and from the Apache, listening on a much higher port number). But this is absolutely not supported by the Zimbra C...
- Thu Mar 03, 2016 9:30 am
- Forum: General Questions
- Topic: libssl patches. Re: DROWN vulnerability and 1st March 2016 CVE's
- Replies: 2
- Views: 915
libssl patches. Re: DROWN vulnerability and 1st March 2016 CVE's
In addition, you could attempt the dual upgrades which I did in http://community.zimbra.com/collaboration/f/1886/t/1141300 This basically applied the proposed "8.7" Zimbra solution to a running 8.6. It works! I compiled and installed the newest openssl-1.0.2g (note the "1.0.2", n...
- Thu Mar 03, 2016 9:04 am
- Forum: Administrators
- Topic: Upgrading to openssl-1.0.2g within zimbra 8.6 (Centos 6): it seems to work!
- Replies: 4
- Views: 2518
Upgrading to openssl-1.0.2g within zimbra 8.6 (Centos 6): it seems to work!
Note that I previously upgraded the the built in JDK (to Oracle Version 8u74). This is probably required BEFORE upgrading to openssl -.0.2g with the "no-ssl" option, because I think that "no-ssl" also eliminates the possibility of using TLS 1.0. I simply upacked the tarfile withi...
- Wed Mar 02, 2016 8:00 pm
- Forum: Administrators
- Topic: Upgrading to openssl-1.0.2g within zimbra 8.6 (Centos 6): it seems to work!
- Replies: 4
- Views: 2518
Upgrading to openssl-1.0.2g within zimbra 8.6 (Centos 6): it seems to work!
I downloaded the 1.0.2g tarball, and built it with the following "Configure" command. (Note: I didn't use the basic "config", because I wasn't sure that it would create 'shared' library files.) ./Configure --openssldir=/opt/zimbra/openssl-1.0.2g shared no-krb5 no-zlib no-ssl I do...
- Fri Feb 26, 2016 1:59 pm
- Forum: Administrators
- Topic: Weak encryption
- Replies: 3
- Views: 1340
Weak encryption
Take a look at the OTHER files in ~conf/nginx/templates : The otherwise superb instructions (above) address only the "web" files, and leave the file "nginx.conf.mail.template" using the default value. While you're at it, maybe you should also zap the variables used in the "s...