I'll try to implement the new changes to make it compatible with the latest ZCS 8.7 releases, but we are still on 8.6 so I also have to test it here to be sure we don't break anything. Thanks! For info the package worked well with previous versions of 8.7 and from our tests the above changes resolv...

Just out of interest: Which of all the available Zimbra PHP libraries is that? Actually I just tried to find the repo but can't locate it... I also just emailed the developers the updates. The script headers include: /** * Zm_Auth * * @author Yannick Lorenz <ylorenz at 1g6.biz> * @author Fabrizio L...

Also thanks msquadrat! We use the ZimbraSoapPhp package which started throwing exceptions after the update to 8.7.11. The above information helped us to fix the package and get it back up and working. For information the changes affected every occurrence of SoapVar in each of the php scripts. To hel...

Editing the two nginx configuration files as shown in the blog post (after creating the 2048 bit PEM file) and adding: ssl_dhparam /opt/zimbra/conf/dhparams.pem; Immediately after restarting it was picked up and both the tests: [View:https://weakdh.org/sysadmin.html:940:0] and [View:https://www.ssll...

Hello Jorge, Thanks a lot for the feedback but unfortunately it didn't resolve the main urgent issue of enabling DH 2048 bit random keys in 8.6 We've since solved the issue by creating a random 2048 key using openssl and then have Nginx pick this up during start-up. At the same time I notice...

Hello All, Following on from the LogJam bug discovery we are upgrading our servers. Unfortunately we haven't worked out how to do this with our Zimbra web client servers as yet. There are these two links: [View:https://blog.zimbra.com/2015/05/logjams-impact-zimbra-collaboration:940:0] [View:http...

We had problems like the above and I think it was linked to the fact that the Z-push servers had not been stopped prior to SSLv3 being blocked, Zimbra restarted, then Z-Push servers restarted. I'm not an expert on this but I think the Z-Push connections stay active. If they are not stopped prior...

We finally got this working.PHP, used by Z-PUSH and Zimbra backend will support TLS automatically from we can see. The issue is that in Zimbra backend (zimbra.php) is forcing it to use SSLv3 by the line:curl_setopt($this->_curl, CURLOPT_SSLVERSION, 3 );According to the comments, this was added to ve...

According to here: [View:http://stackoverflow.com/questions/26378351/error1408f10bssl-routinesssl3-get-recordwrong-version-number-paypal-maybe:0:0] setting curl_setopt($this->_curl, CURLOPT_SSLVERSION, 3 ) to 1, ie. curl_setopt($this->_curl, CURLOPT_SSLVERSION, 1 ) should change to use TLS... Unfort...

Hi All, Due to the recent security problem found in SSLv3, otherwise known as Poodle, we want to disable this on our Zimbra servers to force use of TLS instead. Unfortunately when we did that our Z-Push connections went down as Z-Push Zimbra Backend is using SSLv3 to communicate with the Zimbra serv...