Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Zimbra - Erro de Rede, Network Error, Certificado Vencido

    Încărcat de

    Bernardo Ferrareze
    99 vizualizări3 pagini
    ZIMBRA CERTIFICADO VENCIDO

    Titlu original

    Zimbra – Erro de Rede, Network Error, Certificado Vencido

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    DOCX, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    ZIMBRA CERTIFICADO VENCIDO

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    99 vizualizări3 pagini

    Zimbra - Erro de Rede, Network Error, Certificado Vencido

    Încărcat de

    Bernardo Ferrareze
    ZIMBRA CERTIFICADO VENCIDO

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 3

    Zimbra Erro de rede, Network error,

    certificado vencido
    by admin | abr 23, 2011 | Redes, Zimbra |
    Nunca deixe o certificado do seu servidor zimbra vencer (a melhor maneira manter o
    servidor sempre atualizado) e para ver se est vencendo, sempre execute o seguinte
    comando:
    /opt/zimbra/bin/zmcertmgr viewdeployedcrt
    Que retornar coisas do tipo:
    ::service mta::
    notBefore=Apr 22 23:04:27 2010 GMT
    notAfter=Apr 22 23:04:27 2011 GMT
    Falando desde quando e at quando vale o seu certificado. Se o certificado vencer, seus
    usurios vo comear a reclamar que a interface Web apresenta erros de rede e o servidor
    simplesmente vai comear a emitir erros de start e stop como:
    [zimbra@correio ~]$ zmcontrol start
    Host correio.meudominio.com.br
    Starting ldap...Done.
    Unable to determine enabled services from ldap.
    Enabled services read from cache. Service list may be inaccurate.
    Starting logger...Failed.
    Starting logswatch...ERROR: service.FAILURE (system failure:
    ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException
    sun.security.validator.ValidatorException: PKIX path validation
    failed: java.security.cert.CertPathValidatorException: timestamp
    check failed)
    zimbra logger service is not enabled! failed.

    Pra resolver o problema faa o seguinte (as linhas a serem digitadas esto em vermelho e
    tem que ser como root):
    [root@correio ~]# /opt/zimbra/bin/zmcertmgr createca -new
    ** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnfdone
    ** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.keydone.
    ** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pemdone.

    [root@correio ~]# /opt/zimbra/bin/zmcertmgr createcrt -new -days 365


    Validation days: 365
    ** Creating /opt/zimbra/conf/zmssl.cnfdone
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20110423104040
    ** Generating a server csr for download self -new -keysize 1024
    ** Creating /opt/zimbra/conf/zmssl.cnfdone
    ** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20110423104040
    ** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csrdone.
    ** Saving server config key zimbraSSLPrivateKeyfailed.
    ** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csrdone.
    [root@correio ~]# /opt/zimbra/bin/zmcertmgr deploycrt self
    ** Saving server config key zimbraSSLCertificatefailed.
    ** Saving server config key zimbraSSLPrivateKeyfailed.
    ** Installing mta certificate and keydone.
    ** Installing slapd certificate and keydone.
    ** Installing proxy certificate and keydone.
    ** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12done.
    ** Creating keystore file /opt/zimbra/mailboxd/etc/keystoredone.
    ** Installing CA to /opt/zimbra/conf/cadone.
    [root@correio ~]# /opt/zimbra/bin/zmcertmgr deployca
    ** Importing CA /opt/zimbra/ssl/zimbra/ca/ca.pem into CACERTSdone.
    ** Saving global config key zimbraCertAuthorityCertSelfSignedfailed.
    ** Saving global config key zimbraCertAuthorityKeySelfSignedfailed.
    ** Copying CA to /opt/zimbra/conf/cadone.
    [root@correio ~]# /opt/zimbra/bin/zmcertmgr viewdeployedcrt
    ::service mta::
    notBefore=Apr 23 13:40:45 2011 GMT
    notAfter=Apr 22 13:40:45 2012 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration
    Suite/CN=correio.meudominio.org.br
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration
    Suite/CN=correio.meudominio.org.br
    SubjectAltName=
    ::service proxy::

    notBefore=Apr 23 13:40:45 2011 GMT


    notAfter=Apr 22 13:40:45 2012 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration
    Suite/CN=correio.meudominio.org.br
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration
    Suite/CN=correio.meudominio.org.br
    SubjectAltName=
    ::service mailboxd::
    notBefore=Apr 23 13:40:45 2011 GMT
    notAfter=Apr 22 13:40:45 2012 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration
    Suite/CN=correio.meudominio.org.br
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration
    Suite/CN=correio.meudominio.org.br
    SubjectAltName=
    ::service ldap::
    notBefore=Apr 23 13:40:45 2011 GMT
    notAfter=Apr 22 13:40:45 2012 GMT
    subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration
    Suite/CN=correio.meudominio.org.br
    issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration
    Suite/CN=correio.meudominio.org.br
    SubjectAltName=

    S-ar putea să vă placă și