Mudanças entre as edições de "SSL Expirado Zimbra"

De Slacam_Wiki
Ir para: navegação, pesquisa
Linha 1: Linha 1:
<header class="entry-header" style="margin: 0px auto; width: 584.265625px; color: rgb(187, 187, 187); font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 24px; background-color: rgb(15, 15, 15);">
+
Zimbra OSE Error: Unable to determine enabled services. Cache is out of date or doesn’t exist.
= Zimbra OSE Error: Unable to determine enabled services. Cache is out of date or doesn’t exist. =
+
Posted on 27/12/2012
<div class="entry-meta" style="border: 0px; font-family: inherit; font-size: 12px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; color: rgb(153, 153, 153); clear: both; line-height: 18px; position: absolute; top: 0px; left: 0px;"><span class="sep" style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Posted on&nbsp;</span>[http://jsmcomputers.biz/wp/?p=391 <time class="entry-date" datetime="2012-12-27T09:27:23+02:00">27/12/2012</time>]</div></header>
+
 
<div class="entry-content" style="border: 0px; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; margin: 0px auto; outline: 0px; padding: 1.625em 0px 0px; vertical-align: baseline; width: 584.265625px; color: rgb(187, 187, 187); line-height: 24px; background-color: rgb(15, 15, 15);"><div class="wdgpo wdgpo_medium_count" style="border: 0px; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><div id="___plusone_0" style="border: 0px none; font-family: inherit; font-size: 1px; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; background-color: transparent; float: none; line-height: normal; display: inline-block; width: 90px; height: 20px;"><iframe frameborder="0" hspace="0" marginheight="0" marginwidth="0" scrolling="no" tabindex="0" vspace="0" width="100%" id="I0_1370265376606" name="I0_1370265376606" src="https://apis.google.com/_/+1/fastbutton?bsv&size=medium&count=true&hl=en-US&origin=http%3A%2F%2Fjsmcomputers.biz&url=http%3A%2F%2Fjsmcomputers.biz%2Fwp%2F%3Fp%3D391&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.pt_BR.VoCLQYb_KdI.O%2Fm%3D__features__%2Fam%3DEQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAItRSTOKCjpRiDTkysz2WwKQH7bYN0mkSg#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled&id=I0_1370265376606&parent=http%3A%2F%2Fjsmcomputers.biz&rpctoken=21691973" allowtransparency="true" data-gapiattached="true" title="+1" style="border-width: 0px; border-style: none; font-family: inherit; font-style: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; max-width: 100%; position: static; top: 0px; width: 90px; left: 0px; visibility: visible; height: 20px;"></iframe></div></div>
+
Case:
Case:<br>Suddenly the mail server can’t receive and send email.<br>No changes in configuration and settings.<br>After checking the mail status by zmcontrol status command.<br>[zimbra@mail log]$ zmcontrol status<br>Unable to determine enabled services from ldap.<br>Unable to determine enabled services. Cache is out of date or doesn’t exist.
+
Suddenly the mail server can’t receive and send email.
 +
No changes in configuration and settings.
 +
After checking the mail status by zmcontrol status command.
 +
[zimbra@mail log]$ zmcontrol status
 +
Unable to determine enabled services from ldap.
 +
Unable to determine enabled services. Cache is out of date or doesn’t exist.
  
 
Possible Solutions:
 
Possible Solutions:
Linha 9: Linha 14:
 
1. Timezone for your zimbra whether system timezone and zimbra timezone it matches or not if not then log to zimbra and run “tzselect” and find your correct timezone and make timezone entry in “.bash_profile”.
 
1. Timezone for your zimbra whether system timezone and zimbra timezone it matches or not if not then log to zimbra and run “tzselect” and find your correct timezone and make timezone entry in “.bash_profile”.
  
2. DNS – check whether your DNS configuration is correct.<br>use -<br>dig domain.com<br>dig domain.com mx<br>dig domain.com any
+
2. DNS – check whether your DNS configuration is correct.
 +
use -
 +
dig domain.com
 +
dig domain.com mx
 +
dig domain.com any
  
 
host domain.com
 
host domain.com
  
3. make sure /etc/resolv.conf entry is correct, make sure your “/etc/hosts” Entry is correct.<br>Make sure disabled SeLinux, make sure you set correct permission to zimbra directory if not then run below command to fix permission issue -
+
3. make sure /etc/resolv.conf entry is correct, make sure your “/etc/hosts” Entry is correct.
 +
Make sure disabled SeLinux, make sure you set correct permission to zimbra directory if not then run below command to fix permission issue -
  
 
# chown -R zimbra:zimbra /opt/zimbra
 
# chown -R zimbra:zimbra /opt/zimbra
Linha 19: Linha 29:
 
# /opt/zimbra/libexec/zmfixperms -verbose
 
# /opt/zimbra/libexec/zmfixperms -verbose
  
4. If you are using self signed certificate then run below command<br># zmlocalconfig -s ssl_allow_untrusted_certs
+
4. If you are using self signed certificate then run below command
 +
# zmlocalconfig -s ssl_allow_untrusted_certs
  
 
# If that returns false, please run:
 
# If that returns false, please run:
Linha 26: Linha 37:
  
 
5. Now Try creating certificate, just follow the below Instructions:
 
5. Now Try creating certificate, just follow the below Instructions:
<blockquote style="border: 0px; font-family: Georgia, 'Bitstream Charter', serif; font-style: italic; margin: 0px 3em; outline: 0px; padding: 0px; vertical-align: baseline; quotes: '';">
+
 
 
# su – zimbra -c ‘zmcontrol stop’
 
# su – zimbra -c ‘zmcontrol stop’
  
Linha 39: Linha 50:
 
#vi /opt/zimbra/bin/zmcertmgr
 
#vi /opt/zimbra/bin/zmcertmgr
  
# Find line<br># SUBJECT=”/C=US/ST=N\/A/L=N\/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=${zimbra_server_hostname}”<br># and change to your company name
+
# Find line
 +
# SUBJECT=”/C=US/ST=N\/A/L=N\/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=${zimbra_server_hostname}”
 +
# and change to your company name
  
# then find and change you want value days expire cert validation_days=365 to validation_days=3650<br># save /opt/zimbra/bin/zmcertmgr
+
# then find and change you want value days expire cert validation_days=365 to validation_days=3650
 +
# save /opt/zimbra/bin/zmcertmgr
  
 
#/opt/zimbra/bin/zmcertmgr createca -new
 
#/opt/zimbra/bin/zmcertmgr createca -new
Linha 68: Linha 82:
  
 
#/opt/zimbra/bin/zmcertmgr viewdeployedcrt
 
#/opt/zimbra/bin/zmcertmgr viewdeployedcrt
</blockquote></div>
 

Edição das 14h21min de 3 de junho de 2013

Zimbra OSE Error: Unable to determine enabled services. Cache is out of date or doesn’t exist. Posted on 27/12/2012

Case: Suddenly the mail server can’t receive and send email. No changes in configuration and settings. After checking the mail status by zmcontrol status command. [zimbra@mail log]$ zmcontrol status Unable to determine enabled services from ldap. Unable to determine enabled services. Cache is out of date or doesn’t exist.

Possible Solutions:

1. Timezone for your zimbra whether system timezone and zimbra timezone it matches or not if not then log to zimbra and run “tzselect” and find your correct timezone and make timezone entry in “.bash_profile”.

2. DNS – check whether your DNS configuration is correct. use - dig domain.com dig domain.com mx dig domain.com any

host domain.com

3. make sure /etc/resolv.conf entry is correct, make sure your “/etc/hosts” Entry is correct. Make sure disabled SeLinux, make sure you set correct permission to zimbra directory if not then run below command to fix permission issue -

  1. chown -R zimbra:zimbra /opt/zimbra
  1. /opt/zimbra/libexec/zmfixperms -verbose

4. If you are using self signed certificate then run below command

  1. zmlocalconfig -s ssl_allow_untrusted_certs
  1. If that returns false, please run:
  1. zmlocalconfig -e ssl_allow_untrusted_certs=true

5. Now Try creating certificate, just follow the below Instructions:

  1. su – zimbra -c ‘zmcontrol stop’
  1. rm -rf /opt/zimbra/ssl/*
  1. rm -rf /opt/zimbra/ssl/.rnd
  1. /opt/zimbra/java/bin/keytool -delete -alias my_ca -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit
  1. /opt/zimbra/java/bin/keytool -delete -alias jetty -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `su – zimbra -c ‘zmlocalconfig -s -m nokey mailboxd_keystore_password’`
  1. vi /opt/zimbra/bin/zmcertmgr
  1. Find line
  2. SUBJECT=”/C=US/ST=N\/A/L=N\/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=${zimbra_server_hostname}”
  3. and change to your company name
  1. then find and change you want value days expire cert validation_days=365 to validation_days=3650
  2. save /opt/zimbra/bin/zmcertmgr
  1. /opt/zimbra/bin/zmcertmgr createca -new
  1. /opt/zimbra/bin/zmcertmgr deployca -localonly
  1. /opt/zimbra/bin/zmcertmgr createcrt self -new

May be you will receive some Failed but ignore them,

  1. /opt/zimbra/bin/zmcertmgr deploycrt self

Here also

  1. su – zimbra -c ‘zmcontrol start’

It should start services successfully.

  1. /opt/zimbra/bin/zmcertmgr deploycrt self
  1. /opt/zimbra/bin/zmcertmgr deployca

Everything would be perfect here.

  1. su – zimbra -c ‘zmupdateauthkeys’
  1. /opt/zimbra/bin/zmcertmgr viewdeployedcrt
Disponível em "http://wiki.slacam.com.br/index.php?title=SSL_Expirado_Zimbra&oldid=447"