Daily Weekly Monthly

Daily Shaarli

Previous day
All links of one day in a single page.
Next day

January 12, 2018

Si le serveur Zimbra ne demarre a cause d'un problème SSL

Cela vient du certificat SSL qui est HS :

zimbra@zimbra:~$ /opt/zimbra/bin/zmcertmgr viewdeployedcrt

  • ldap: /opt/zimbra/conf/slapd.crt
    notBefore=Nov 24 21:41:40 2016 GMT
    notAfter=Nov 24 21:41:40 2017 GMT
    subject= /OU=Zimbra Collaboration Server/CN=zimbra.xxx
    issuer= /O=CA/OU=Zimbra Collaboration Server/CN=zimbra.xxx
    SubjectAltName=zimbra.xxx
  • mailboxd: /opt/zimbra/mailboxd/etc/mailboxd.pem
    notBefore=Nov 24 21:41:40 2016 GMT
    notAfter=Nov 24 21:41:40 2017 GMT
    subject= /OU=Zimbra Collaboration Server/CN=zimbra.xxx
    issuer= /O=CA/OU=Zimbra Collaboration Server/CN=zimbra.xxx
    SubjectAltName=zimbra.xxx
  • mta: /opt/zimbra/conf/smtpd.crt
    notBefore=Nov 24 21:41:40 2016 GMT
    notAfter=Nov 24 21:41:40 2017 GMT
    subject= /OU=Zimbra Collaboration Server/CN=zimbra.xxx
    issuer= /O=CA/OU=Zimbra Collaboration Server/CN=zimbra.xxx
    SubjectAltName=zimbra.xxx
  • proxy: /opt/zimbra/conf/nginx.crt
    notBefore=Nov 24 21:41:40 2016 GMT
    notAfter=Nov 24 21:41:40 2017 GMT
    subject= /OU=Zimbra Collaboration Server/CN=zimbra.xxx
    issuer= /O=CA/OU=Zimbra Collaboration Server/CN=zimbra.xxx
    SubjectAltName=zimbra.xxx

voici la procédure pour le régénérer:

https://wiki.zimbra....rtificate_Tools
https://wiki.zimbra....-_Single-Server
Single-Node Self-Signed Certificate

  1. Begin by generating a new Certificate Authority (CA).
    /opt/zimbra/bin/zmcertmgr createca -new

  2. Then generate a certificate signed by the CA that expires in 1825 days.
    /opt/zimbra/bin/zmcertmgr createcrt -new -days 1825

  3. Next deploy the certificate.
    /opt/zimbra/bin/zmcertmgr deploycrt self

  4. Next deploy the CA.
    /opt/zimbra/bin/zmcertmgr deployca

zimbra