[SOLVED] Problem with install the self-signed certificate on zimbra 5.0.10_GA_2638.RH

[himoi]

Hello all,

When i renew my certificates by web-admin, i got o error "Your certificate was not install due to the error: system failure: XXXXX ERROR: failed to create jetty.pkcs12"

and i can not start my zimbra mail server. This is my log

"

Failed to start slapd. Attempting debug start to determine error.

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:647

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:647

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:647

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:647

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:647

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:647

TLS: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib ssl_rsa.c:669

main: TLS init def ctx failed: -1

"

Please tell me how i can fix this. I result on forum but i cannot see a solution

Thank you very much

[himoi]

Hello all,

I fixed this error. I did by following

(Base on
As">http://wiki.zimbra.com/index.php?title= ... ertificate)
As Root:

rm -rf /opt/zimbra/ssl

mkdir /opt/zimbra/ssl

chown zimbra:zimbra /opt/zimbra/ssl

chown zimbra:zimbra /opt/zimbra/java/jre/lib/security/cacerts

chmod 644 /opt/zimbra/java/jre/lib/security/cacerts
As zimbra:

keytool -delete -alias my_ca -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit

keytool -delete -alias jetty -keystore /opt/zimbra/mailboxd/etc/keystore -storepass zimbra

zmlocalconfig -s -m nokey mailboxd_keystore_password
As root:

/opt/zimbra/bin/zmcertmgr createca -new

/opt/zimbra/bin/zmcertmgr deployca -localonly

/opt/zimbra/bin/zmcertmgr createcrt self -new

/opt/zimbra/bin/zmcertmgr deploycrt self
As zimbra

zmcontrol start
Hope this will help you

Vinh Huynh

[consultorpc]

Thank you very much, we had a similar problem when updating from 6.0.0 to 6.0.3 :
This appears to be 6.0.0_GA

Stopping mysql...done.

Checking ldap status...not running.

Running zmldapapplyldif...failed.

Checking ldap status...not running.

Starting ldap...failed with exit code: 256.

main: TLS init def ctx failed: -1

UPGRADE FAILED - exiting.
Solved with your solution.

[rnuno]

Upgraded from 5.0.18 to 5.0.21 and now i cant stard my server my server:
Starting ldap...Done.

FAILED

Failed to start slapd. Attempting debug start to determine error.

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line pem_lib.c:650

TLS: error:02001002:system library:fopen:No such file or directory bss_file.c:356

TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:358

main: TLS init def ctx failed: -1
I already tried the solution on this post all teh steps went ok but the result is the same. I dont know what to do next my server wont start and we lost all the emails for 100 people we only operate one Zimbra server.

[11139dimitrios]

If you have any problems to start ldap use this instead , it worked to me in zimbra 7
As Root:

rm -rf /opt/zimbra/ssl

mkdir /opt/zimbra/ssl

chown zimbra:zimbra /opt/zimbra/ssl

chown zimbra:zimbra /opt/zimbra/java/jre/lib/security/cacerts

chmod 644 /opt/zimbra/java/jre/lib/security/cacerts

[technopop]

Thankyou,
Got me past an upgraded from ubuntu 8.04 32bit to 10.04 32bit with zcs 7.21