Merhabalar mail yolu ile bana gelen bir zimbra kullanıcısı mail sunucusunda söyle bir sorun olmuştur ( Zimbra Unable to Determine Enabled Services From Ldap. Starting logger…Failed.) ldap servisi start olmuyor bunun çözümü söyledir.
Hata
[zimbra@mail ~]$ zmcontrol start
Host mail.ardaglassware.com
Starting ldap…Done.
Unable to determine enabled services from ldap.
Enabled services read from cache. Service list may be inaccurate.
Starting zmconfigd…Done.
Starting logger…Failed.
Starting logswatch…ERROR: service.FAILURE (system failure: ZimbraLdapContext) (cause: javax.net.ssl.SSLHandshakeException sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed)
zimbra logger service is not enabled! failed.
Starting mailbox…Done.
Starting antispam…Done.
Starting antivirus…Done.
Starting snmp…Done.
Starting spell…Done.
Starting mta…Failed.
Starting saslauthd…saslauthd[9609] :set_auth_mech : failed to initialize mechanism zimbra
failed.
zmsaslauthdctl failed to start
Starting stats…Done.
Çözüm
Her zamanki gibi bu hatanın nedeni SSL sertifikası…
Bu hata genellikle, SSL sertifikasının süresi dolmuş olur. Bu sorunun iki çözümü vardır.
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr deploycrt comm /opt/zimbra/ssl/zimbra/commercial/your_new_ssl.crt /path/to/ca_bundle.crt
/opt/zimbra/bin/zmcertmgr must be run as user root
zimbra servislerini stop edelim.
[zimbra@mail ~]$ zmcontrol stop
[zimbra@mail ~]$ rm -rf /opt/zimbra/ssl/*
[zimbra@mail ~]$ rm -rf /opt/zimbra/ssl/.rnd
[zimbra@mail ~]$ /opt/zimbra/java/bin/keytool -delete -alias my_ca -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit
[zimbra@mail ~]$ /opt/zimbra/java/bin/keytool -delete -alias jetty -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `su – zimbra -c 'zmlocalconfig -s -m nokey mailboxd_keystore_password'`
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr createca -new
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr deployca -localonly
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr createcrt self -new
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr deploycrt self
Zimbra servisini start edelim.
[zimbra@mail ~]$ zmcontrol start
Host mail.ardaglassware.com
Starting ldap…Done.
Starting zmconfigd…Done.
Starting logger…Done.
Starting mailbox…Done.
Starting antispam…Done.
Starting antivirus…Done.
Starting snmp…Done.
Starting spell…Done.
Starting mta…Done.
Starting stats…Done.
Zimbra servisleri start oldu
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr deploycrt self
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr deployca
[zimbra@mail ~]$ su – zimbra -c 'zmupdateauthkeys'
[zimbra@mail ~]$ /opt/zimbra/bin/zmcertmgr viewdeployedcrt