Category Archives: Linux

How to update / renew Zimbra License

Your Zimbra Network License expired 24 days ago :-)

Yes, that message show up when I log in to one of my client and they ask me to renew the license.

Well, the process itself isn’t difficult as what you need to extend zimbra license just ask sales at zimbra.com.

they will email license key and with the key what you need to do is login to zimbra admin.

Click on Global Settings.

Click License will give this screen.

Click Update License.

Browse for license file and click Next.

Your license file is uploaded successfully.

Click Install.

You license file is installed successfully.

Done.

Client can continue their zimbra mailbox.

Renew Certificate or Create New Certificate from Zimbra CLI

my emailLicense for one of our client get expired and current status is in grace period.

Accident happen when server was forced to shutdown due to electrical problem. When the server goes up nothing email server still down. I try to start the service manually.

$ zmcontrol start
Host mail.yourdomain.com
Unable to determine enabled services from ldap.
Unable to determine enabled services. Cache is out of date or doesn’t exist.

Further investigation tell me about certificate expiration, I must renew it.

Here the steps :

# su – zimbra
$ /opt/zimbra/bin/zmcertmgr createca -new
/opt/zimbra/bin/zmcertmgr must be run as user root
$ exit
logout

Hohoho, the command must run by root.

Begin by generating a new Certificate Authority (CA).

# /opt/zimbra/bin/zmcertmgr createca -new

** Creating /opt/zimbra/ssl/zimbra/ca/zmssl.cnf…done
** Creating CA private key /opt/zimbra/ssl/zimbra/ca/ca.key…done.
** Creating CA cert /opt/zimbra/ssl/zimbra/ca/ca.pem…done.

Then generate a certificate signed by the CA that expires in 365 days.

# /opt/zimbra/bin/zmcertmgr createcrt -new -days 365

Validation days: 365
** Creating /opt/zimbra/conf/zmssl.cnf…done
** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20101009200401
** Generating a server csr for download self -new -keysize 1024
** Creating /opt/zimbra/conf/zmssl.cnf…done
** Backup /opt/zimbra/ssl/zimbra to /opt/zimbra/ssl/zimbra.20101009200401
** Creating server cert request /opt/zimbra/ssl/zimbra/server/server.csr…done.
** Saving server config key zimbraSSLPrivateKey…failed.
** Signing cert request /opt/zimbra/ssl/zimbra/server/server.csr…done.

Next deploy the certificate.

# /opt/zimbra/bin/zmcertmgr deploycrt self

** Saving server config key zimbraSSLCertificate…done.
** Saving server config key zimbraSSLPrivateKey…done.
** Installing mta certificate and key…done.
** Installing slapd certificate and key…done.
** Installing proxy certificate and key…done.
** Creating pkcs12 file /opt/zimbra/ssl/zimbra/jetty.pkcs12…done.
** Creating keystore file /opt/zimbra/mailboxd/etc/keystore…done.
** Installing CA to /opt/zimbra/conf/ca…done.

Next deploy the CA

# /opt/zimbra/bin/zmcertmgr deployca

** Importing CA /opt/zimbra/ssl/zimbra/ca/ca.pem into CACERTS…done.
** Saving global config key zimbraCertAuthorityCertSelfSigned…done.
** Saving global config key zimbraCertAuthorityKeySelfSigned…done.
** Copying CA to /opt/zimbra/conf/ca…done.

To finish, verify the certificate was deployed to all the services.

# /opt/zimbra/bin/zmcertmgr viewdeployedcrt

::service mta::
notBefore=Oct  9 13:04:03 2010 GMT
notAfter=Oct  9 13:04:03 2011 GMT
subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration

Suite/CN=mail.yourdomain.com
issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration

Suite/CN=mail.yourdomain.com
SubjectAltName=
::service proxy::
notBefore=Oct  9 13:04:03 2010 GMT
notAfter=Oct  9 13:04:03 2011 GMT
subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration

Suite/CN=mail.yourdomain.com
issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration

Suite/CN=mail.yourdomain.com
SubjectAltName=
::service mailboxd::
notBefore=Oct  9 13:04:03 2010 GMT
notAfter=Oct  9 13:04:03 2011 GMT
subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration

Suite/CN=mail.yourdomain.com
issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration

Suite/CN=mail.yourdomain.com
SubjectAltName=
::service ldap::
notBefore=Oct  9 13:04:03 2010 GMT
notAfter=Oct  9 13:04:03 2011 GMT
subject= /C=US/ST=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration

Suite/CN=mail.yourdomain.com
issuer= /C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration

Suite/CN=mail.yourdomain.com
SubjectAltName=
#

done.

Try start the service :

~$ zmcontrol start
Host mail.yourdomain.com
Starting ldap…Done.
Starting logger…Done.
Starting convertd…Done.
Starting mailbox…Done.
Starting antispam…Done.
Starting antivirus…Done.
Starting snmp…Done.
Starting spell…Done.
Starting mta…Done.
Starting stats…Done.
$

Howto Check named configuration error

named can’t start its daemon and left me with nothing than confuse.

# /etc/init.d/bind9 restart

* Stopping domain name service… bind9                                                                                     rndc: connect failed: 127.0.0.1#953: connection refused
[ OK ]
* Starting domain name service… bind9                                 [fail]

fail message don’t give a clue, further investigation with named manual lead me to -g and -p .

Retry to see the error message :

# named -g -p 53

22-Jul-2010 07:34:10.333 starting BIND 9.7.0-P1 -g -p 53
22-Jul-2010 07:34:10.333 built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘-                                             -infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes                                             ‘ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6                                             ‘ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2’ ‘LDFLAGS=-Wl,-Bsymbolic-funct                                             ions’ ‘CPPFLAGS=’
22-Jul-2010 07:34:10.333 adjusted limit on open files from 1024 to 1048576
22-Jul-2010 07:34:10.333 found 4 CPUs, using 4 worker threads
22-Jul-2010 07:34:10.333 using up to 4096 sockets
22-Jul-2010 07:34:10.340 loading configuration from ‘/etc/bind/named.conf’
22-Jul-2010 07:34:10.340 /etc/bind/named.conf.local:16: expected quoted string near ‘.’
22-Jul-2010 07:34:10.341 loading configuration: unexpected token
22-Jul-2010 07:34:10.341 exiting (due to fatal error)

I see, I made mistake in named.conf.local (expected quoted string)

View the error

# nano /etc/bind/named.conf.local

Save the file after editing and start bind9

# /etc/init.d/bind9 start

* Starting domain name service… bind9                                                          [ OK ]
#

Perfecto!

Change php.ini for adjust max upload file size

File too large

That simple message when marketing team want to upload new support ticket that include attachment with size 4 MB.

Yes, that my mistake for not adjust default max upload file size.

The solution is simple :

Edit php.ini file

I use ubuntu and because I more familiar with freebsd I use phpinfo() as my friend to find out where the file is.

According to phpinfo() the php.ini file located in :

/etc/php5/cgi/php.ini

Open that file with nano editor :

# nano /etc/php5/cgi/php.ini

change “upload_max_filesize” to other value. I use 8M.

Save the file.

Continue reading