I am also using a http/https-proxy in my network, which affects the install using a intermediary http proxy CA
Single-Node Commercial Certificate
First I created a Certificate Signing Request (CSR) for my server (using my own config of course, host.example.com is only an example here)
Code: Select all
opt/zimbra/bin/zmcertmgr createcsr comm -new -subject "/C=US/ST=CA/L=Sunnyvale/O=Zimbra/OU=Zimbra Collaboration Suite/CN=host.example.com" -subjectAltNames host.example.com
- The signed cert into a pem file, "commercial.crt"
- My private Root CA into a pem file, "ca.crt"
- My http proxy CA (which is signed with my private root CA and accordingly is a intermediary CA) into a pem file, "proxy_ca.crt"
Verification went fine so I deployed them
Code: Select all
/opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/commercial.crt /tmp/ca_chain.crt
Code: Select all
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
But when I want to manually run a backup job I am getting the dreadful error "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
Code: Select all
/opt/zimbra/bin/zmbackup -f -s host.example.com -a all
Error occurred: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Have looked around and sadly I cannot find any straight answer what to do. So any help is appreciated.