Hi,
First time installing a single server of Carbonio CE on Rocky 8.7
The carbonio-bootstrap does finish, it exits when creating the ca certificate : Setting up CA...failed.
I get this from the deployment log file.
Mon Mar 27 13:28:38 2023 done. Mon Mar 27 13:28:38 2023 Setting up CA... Mon Mar 27 13:28:38 2023 *** Running as zextras user: /opt/zextras/bin/zmcertmgr createca ** Retrieving CA cert from LDAP... failed ** Retrieving CA private key from LDAP... failed ** Retrieving Commercial CA cert from LDAP... failed ERROR: createca: empty key '/opt/zextras/ssl/carbonio/ca/ca.key' Mon Mar 27 13:28:44 2023 failed.
Regards.
Hi,
I did generate manually using this command
su - zextras $ /opt/zextras/bin/zmcertmgr createca -new -newkey -keysize 4096 -digest sha384 -debug
After that the carbonio-bootstrap could move forward, still it would be great to know why the automatic generation fails
Regards.
I got another error
Mon Mar 27 13:53:58 2023 Saving CA in ldap... Mon Mar 27 13:53:58 2023 *** Running as zextras user: /opt/zextras/bin/zmcertmgr deployca ** Saving config key 'zimbraCertAuthorityCertSelfSigned' via zmprov modifyConfig...failed (rc=2) Mon Mar 27 13:54:01 2023 failed.
I executed the command manually, then I got
$ /opt/zextras/bin/zmcertmgr deployca -debug DEBUG: CertMgr->Debug(1) DEBUG: CertMgr->Command(deployca) DEBUG: deployca DEBUG: initSSLDirs ** Saving config key 'zimbraCertAuthorityCertSelfSigned' via zmprov modifyConfig...ERROR: account.INVALID_ATTR_VALUE (zimbraCertAuthorityCertSelfSigned value length(2139) larger than max allowed: 2048) failed (rc=2)
So I regenerated the CA certificate with a keysize of 2048
$ /opt/zextras/bin/zmcertmgr createca -new -newkey -keysize 2048 -digest sha384 -debug
How did you solve this? i did it again and again, so i have some problems
Running as zextras user: /opt/zextras/bin/zmcertmgr deployca
** Saving config key 'zimbraCertAuthorityCertSelfSigned' via zmprov modifyConfig...failed (rc=1) who solve this problem? can you help me??