Just thought I'd report a problem we had, and found a solution for. We updated from 9.0.0p12 to 9.0.0p13 on a CentOS 8 FIPS-mode system, and followed the instructions at
https://wiki.zimbra.com/wiki/Zimbra_Rel ... PS_Support
In particular, the instructions have you do
Code: Select all
$ zmlocalconfig -e ldap_starttls_supported=0
$ postconf -e "lmtp_tls_fingerprint_digest = sha256"
After the update, outbound e-mail was getting queued (with a transport failure) and not delivered. Looking at zimbra.log, the Postfix smtp process was crashing with signal 11 (SIGSEGV) whenever it tried to deliver an outgoing message.
It turns out you
also have to do:
Code: Select all
$ postconf -e "smtp_tls_fingerprint_digest = sha256"
on installing 9.0.0p13 if you're on a FIPS system. (Note "smtp" in addition to "lmtp".) Then it worked fine. Looks like the release notes need updating...