Pages

Zimbra Unable to determine enabled services from LDAP

[zimbra@host]$ zmcontrol start
Host mail.plugged.in
Starting ldap…Done.
Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
Starting logger…Failed.
Starting logswatch…ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)
zimbra logger service is not enabled! failed.

The usual reason for this error is expired an SSL certificate.

This error usually happens if your SSL certificate has expired. There are two solutions for this problem.

The first solution is renewing your certificate and deploying it with the following command :

[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/your_new_ssl.crt /path/to/ca_bundle.crt


After this you need to restart zmcontrol.

The second solution is regenerating self-signed certificate.

[zimbra@host]$ su – zimbra -c ‘zmcontrol stop’
[zimbra@host]$ rm -rf /opt/zimbra/ssl/*
[zimbra@host]$ rm -rf /opt/zimbra/ssl/.rnd
[zimbra@host]$ /opt/zimbra/java/bin/keytool -delete -alias my_ca -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit
[zimbra@host]$ /opt/zimbra/java/bin/keytool -delete -alias jetty -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `su – zimbra -c ‘zmlocalconfig -s -m nokey mailboxd_keystore_password’`

Then you need to edit  /opt/zimbra/bin/zmcertmgr file ( you can use ‘vi’ )

Find validation_days=365 and change to validation_days=3650

And save /opt/zimbra/bin/zmcertmgr

[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deployca -localonly
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr createcrt self -new
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deploycrt self

[zimbra@host]$ su – zimbra -c ‘zmcontrol start’

[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deploycrt self
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr deployca

[zimbra@host]$ su – zimbra -c ‘zmupdateauthkeys’
[zimbra@host]$ /opt/zimbra/bin/zmcertmgr viewdeployedcrt

Reference : (Zimbra Mail Server) Unable to determine enabled services from LDAP
Posted by
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

You might also like:

  • Remove www1.delta-search.com
    Remove www1.delta-search.com

    Guide to remove Delta Search from Firefox: Open…

  • CISPA Reached the US Senate
    CISPA Reached the US Senate

    While people have been appalled by the recent…

  • Linux : Showing Processor Type, Memory Size, Total Disk Space
    Linux : Showing Processor Type, Memory Size, Total Disk Space

    Anyway, to cut a long story short, I got…

  • Basic Windows 7 system requirements
    Basic Windows 7 system requirements

    If you want to run Windows 7 on your PC, here's…

Popular Posts