Failed to create jetty.pkcs12: Difference between revisions
Lshaughnessy (talk | contribs) No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
If you are seeing the following error when you try to install the commercial certificate via '''Administration Console>Certificates''', | {{Archive}}If you are seeing the following error when you try to install the commercial certificate via '''Administration Console>Certificates''', | ||
Your certificate was not installed due to the error : system failure: XXXXX ERROR: failed to create jetty.pkcs12 | Your certificate was not installed due to the error : system failure: XXXXX ERROR: failed to create jetty.pkcs12 |
Latest revision as of 11:16, 30 March 2015
If you are seeing the following error when you try to install the commercial certificate via Administration Console>Certificates,
Your certificate was not installed due to the error : system failure: XXXXX ERROR: failed to create jetty.pkcs12 Message: Your certificate was not installed due to the error : system failure: XXXXX ERROR: failed to create jetty.pkcs12 Error code: ZaCertWizard.prototype.installCallback Method: AjxException.UNKNOWN_ERROR Details:system failure: XXXXX ERROR: failed to create jetty.pkcs12
On Zimbra 7.x, a common cause of this error is that the uploaded certificates do not contain a trailing newline. To fix, simply edit the file with a text editor and ensure that there is a blank line after the "-----END CERTIFICATE-----" line. On Linux, vi/vim does this by default. (You can force this by editing the file in VI, going to the end of the last dash, hit RETURN and then BACKSPACE. That will place the trailing newline.)
Check the following:
1. Make sure the permissions of the /opt/zimbra/mailboxd/webapps/zimbraAdmin/tmp/ directory is set to 644 zimbra:zimbra.
2. Clear all the current aliases in the mailboxd keystore except for the jetty alias.
keytool -delete -alias tomcat -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`
3. If you are running ZCS version 5.0.5, comment out line #539 of the /opt/zimbra/bin/zmcertmgr utility before deploying the cert. This is bug 27581 [[1]].
4. Until 5.0.9, check that commercial.crt last char is a cr, bug 31034 [[2]].