Host mail.plugged.in
Starting ldap…Done.
Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
Starting logger…Failed.
Starting logswatch…ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
zimbra logger service is not enabled! failed.
The usual reason for this error is expired an SSL certificate.
This error usually happens if your SSL certificate has expired. There are two solutions for this problem.
The first solution is renewing your certificate and deploying it with the following command :
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/your_new_ssl.crt /path/to/ca_bundle.crtAfter this you need to restart zmcontrol.
The second solution is regenerating self-signed certificate.
[zimbra@host]$ su – zimbra -c ‘zmcontrol stop’[zimbra@host]$ rm -rf /opt/zimbra/ssl/*
[zimbra@host]$ rm -rf /opt/zimbra/ssl/.rnd
[zimbra@host]$ /opt/zimbra/java/bin/keytool -delete -alias my_ca -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit
[zimbra@host]$ /opt/zimbra/java/bin/keytool -delete -alias jetty -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `su – zimbra -c ‘zmlocalconfig -s -m nokey mailboxd_keystore_password’`
Then you need to edit /opt/zimbra/bin/zmcertmgr file ( you can use ‘vi’ )
Find validation_days=365 and change to validation_days=3650
And save /opt/zimbra/bin/zmcertmgr
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deployca -localonly
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr createcrt self -new
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deploycrt self
[zimbra@host]$ su – zimbra -c ‘zmcontrol start’
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deploycrt self
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deployca
[zimbra@host]$ su – zimbra -c ‘zmupdateauthkeys’
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr viewdeployedcrt
Reference : (Zimbra Mail Server) Unable to determine enabled services from LDAP
No comments:
Post a Comment