Failed to create jetty.pkcs12

From Zimbra :: Wiki

Jump to: navigation, search

If you are seeing the following error when you try to install the commercial certificate via Administration Console>Certificates,

Your certificate was not installed due to the error : system failure: XXXXX ERROR: failed to create jetty.pkcs12 
Message: Your certificate was not installed due to the error : system failure: XXXXX ERROR: failed to create jetty.pkcs12 
Error code: ZaCertWizard.prototype.installCallback Method: AjxException.UNKNOWN_ERROR Details:system failure: XXXXX 
ERROR: failed to create jetty.pkcs12

On Zimbra 7.x, a common cause of this error is that the uploaded certificates do not contain a trailing newline. To fix, simply edit the file with a text editor and ensure that there is a blank line after the "-----END CERTIFICATE-----" line. On Linux, vi/vim does this by default. (You can force this by editing the file in VI, going to the end of the last dash, hit RETURN and then BACKSPACE. That will place the trailing newline.)

Check the following:

1. Make sure the permissions of the /opt/zimbra/mailboxd/webapps/zimbraAdmin/tmp/ directory is set to 644 zimbra:zimbra.

2. Clear all the current aliases in the mailboxd keystore except for the jetty alias.

keytool -delete -alias tomcat -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`

3. If you are running ZCS version 5.0.5, comment out line #539 of the /opt/zimbra/bin/zmcertmgr utility before deploying the cert. This is bug 27581 [[1]].

4. Until 5.0.9, check that commercial.crt last char is a cr, bug 31034 [[2]].


Verified Against: ZCS 5.0.x Date Created: 9/17/2008
Article ID: http://wiki.zimbra.com/index.php?title=Failed_to_create_jetty.pkcs12 Date Modified: 01/15/2013
Personal tools