Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command: /opt/zimbra/bin/zmcertmgr verifycrt comm privkey.pem cert.pem chain.pem
It produced this output: ERROR: Unable to validate certificate chain: cert.pem: C = US, O = Internet Security Research Group, CN = ISRG Root X1
error 2 at 2 depth lookup:unable to get issuer certificate
My web server is (include version): Zimbra 8.8.15
The operating system my web server runs on is (include version):
Centos7
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 1.11.0
It looks like Zimbra has a custom step they’d like you to do:
https://wiki.zimbra.com/wiki/Installing_a_LetsEncrypt_SSL_Certificate
The commands here about fetching the X1 root and appending it to the chain might be required. I’m not sure what they’re doing to require that though.
10 Likes
when I run the command
wget -O /tmp/ISRG-X1.pem https://letsencrypt.org/certs/isrgrootx1.pem.txt ,
suddenly the error
ERROR: cannot verify letsencrypt.org 's certificate, issued by '/C=US /O=Let's Encrypt/CN=R3':
Issued certificate has expired.
To connect to letsencrypt.org insecurely, use `--no-check-certificate'. , what should I do?
rg305
June 30, 2022, 3:16am
4
Check the date/time on your server.
7 Likes
I have checked and everything is correct
[root@mail ~]# timedatectl status
Local time: Thu 2022-06-30 10:28:32 WIB
Universal time: Thu 2022-06-30 03:28:32 UTC
RTC time: Thu 2022-06-30 03:28:22
Time zone: Asia/Jakarta (WIB, +0700)
NTP enabled: n/a
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
it worked, but still error like this
/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /etc/letsencrypt/live/mail12.com/cert.pem /etc/letsencrypt/live/mail12.com/chain.pem
** Verifying '/etc/letsencrypt/live/mail12.com/cert.pem' against '/opt/zimbra/ssl/zimbra/commercial/commercial.key'
Certificate '/etc/letsencrypt/live/mail12.com/cert.pem' and private key '/opt/zimbra/ssl/zimbra/commercial/commercial.key' match.
** Verifying '/etc/letsencrypt/live/mail12.com/cert.pem' against '/etc/letsencrypt/live/mail12.com/chain.pem'
ERROR: Unable to validate certificate chain: /etc/letsencrypt/live/mail12.com/cert.pem: C = US, O = Internet Security Research Group, CN = ISRG Root X1
error 2 at 2 depth lookup:unable to get issuer certificate
rg305
June 30, 2022, 7:45am
8
Show:
trust dump --filter="pkcs11:id=%79%b4%59%e6%7b%b6%e5%e4%01%73%80%08%88%c8%1a%58%f6%e9%9b%6e;type=cert"
If nothing is shown, try:
update-ca-trust
[then do it again]
8 Likes
Osiris
June 30, 2022, 7:50am
9
I suppose your wget
is linked to an older version of OpenSSL, probably 1.0.2. You should try to upgrade your software so it uses OpenSSL 1.1.1.
8 Likes
[root@mail ~]# trust dump --filter="pkcs11:id=%79%b4%59%e6%7b%b6%e5%e4%01%73%80%08%88%c8%1a%58%f6%e9%9b%6e;type=cert"
# pkcs11:id=%79%b4%59%e6%7b%b6%e5%e4%01%73%80%08%88%c8%1a%58%f6%e9%9b%6e;type=cert
[p11-kit-object-v1]
private: false
label: "ISRG Root X1"
issuer: "0O1%0b0%09%06%03U%04%06%13%02US1%290%27%06%03U%04%0a%13 Internet Security Research Group1%150%13%06%03U%04%03%13%0cISRG Root X1"
serial-number: "%02%11%00%82%10%cf%b0%d2%40%e3YDc%e0%bbc%82%8b%00"
trusted: true
certificate-category: authority
java-midp-security-domain: 0
url: ""
hash-of-subject-public-key: "%f8%16Q%3c%fd%1bD%9f.k%28%a1%97%22%1f%b8%1fQN%3c"
hash-of-issuer-public-key: ""
check-value: "%ca%bd%2a"
subject: "0O1%0b0%09%06%03U%04%06%13%02US1%290%27%06%03U%04%0a%13 Internet Security Research Group1%150%13%06%03U%04%03%13%0cISRG Root X1"
id: "y%b4Y%e6%7b%b6%e5%e4%01s%80%08%88%c8%1aX%f6%e9%9bn"
start-date: "20150604"
end-date: "20350604"
modifiable: false
nss-mozilla-ca-policy: true
x-distrusted: false
-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
-----END CERTIFICATE-----
after update what should i do?
rg305
June 30, 2022, 8:23am
13
That is the correct certificate.
Please show:
yum list updates
7 Likes
[root@mail ~]# yum list updates
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 9.4 kB 00:00:00
base: mirror.idroot.cloud
epel: linux.domainesia.com
extras: mirror.idroot.cloud
updates: mirror.idroot.cloud
base | 3.6 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
zimbra | 2.9 kB 00:00:00
zimbra-8815-oss | 2.9 kB 00:00:00
Updated Packages
bash.x86_64 4.2.46-35.el7_9 updates
bind-export-libs.x86_64 32:9.11.4-26.P2.el7_9.9 updates
bind-libs.x86_64 32:9.11.4-26.P2.el7_9.9 updates
bind-libs-lite.x86_64 32:9.11.4-26.P2.el7_9.9 updates
bind-license.noarch 32:9.11.4-26.P2.el7_9.9 updates
bind-utils.x86_64 32:9.11.4-26.P2.el7_9.9 updates
binutils.x86_64 2.27-44.base.el7_9.1 updates
cronie.x86_64 1.4.11-24.el7_9 updates
cronie-anacron.x86_64 1.4.11-24.el7_9 updates
cyrus-sasl-lib.x86_64 2.1.26-24.el7_9 updates
device-mapper.x86_64 7:1.02.170-6.el7_9.5 updates
device-mapper-event.x86_64 7:1.02.170-6.el7_9.5 updates
device-mapper-event-libs.x86_64 7:1.02.170-6.el7_9.5 updates
device-mapper-libs.x86_64 7:1.02.170-6.el7_9.5 updates
dhclient.x86_64 12:4.2.5-83.el7.centos.1 updates
dhcp-common.x86_64 12:4.2.5-83.el7.centos.1 updates
dhcp-libs.x86_64 12:4.2.5-83.el7.centos.1 updates
dmidecode.x86_64 1:3.2-5.el7_9.1 updates
epel-release.noarch 7-14 epel
expat.x86_64 2.1.0-14.el7_9 updates
fail2ban.noarch 0.11.2-3.el7 epel
fail2ban-firewalld.noarch 0.11.2-3.el7 epel
fail2ban-sendmail.noarch 0.11.2-3.el7 epel
fail2ban-server.noarch 0.11.2-3.el7 epel
firewalld.noarch 0.6.3-13.el7_9 updates
firewalld-filesystem.noarch 0.6.3-13.el7_9 updates
glib2.x86_64 2.56.1-9.el7_9 updates
glibc.x86_64 2.17-326.el7_9 updates
glibc-common.x86_64 2.17-326.el7_9 updates
glibc-devel.x86_64 2.17-326.el7_9 updates
glibc-headers.x86_64 2.17-326.el7_9 updates
grub2.x86_64 1:2.02-0.87.0.1.el7.centos.9 updates
grub2-common.noarch 1:2.02-0.87.0.1.el7.centos.9 updates
grub2-efi-x64.x86_64 1:2.02-0.87.0.1.el7.centos.9 updates
grub2-pc.x86_64 1:2.02-0.87.0.1.el7.centos.9 updates
grub2-pc-modules.noarch 1:2.02-0.87.0.1.el7.centos.9 updates
grub2-tools.x86_64 1:2.02-0.87.0.1.el7.centos.9 updates
grub2-tools-extra.x86_64 1:2.02-0.87.0.1.el7.centos.9 updates
grub2-tools-minimal.x86_64 1:2.02-0.87.0.1.el7.centos.9 updates
gzip.x86_64 1.5-11.el7_9 updates
kbd.x86_64 1.15.5-16.el7_9 updates
kbd-legacy.noarch 1.15.5-16.el7_9 updates
kbd-misc.noarch 1.15.5-16.el7_9 updates
kernel.x86_64 3.10.0-1160.66.1.el7 updates
kernel-headers.x86_64 3.10.0-1160.66.1.el7 updates
kernel-tools.x86_64 3.10.0-1160.66.1.el7 updates
kernel-tools-libs.x86_64 3.10.0-1160.66.1.el7 updates
kexec-tools.x86_64 2.0.15-51.el7_9.3 updates
kpartx.x86_64 0.4.9-135.el7_9 updates
krb5-devel.x86_64 1.15.1-51.el7_9 updates
krb5-libs.x86_64 1.15.1-51.el7_9 updates
libX11.x86_64 1.6.7-4.el7_9 updates
libX11-common.noarch 1.6.7-4.el7_9 updates
libkadm5.x86_64 1.15.1-51.el7_9 updates
libpcap.x86_64 14:1.5.3-13.el7_9 updates
libuv.x86_64 1:1.44.1-1.el7 epel
libuv-devel.x86_64 1:1.44.1-1.el7 epel
libxml2.x86_64 2.9.1-6.el7_9.6 updates
lvm2.x86_64 7:2.02.187-6.el7_9.5 updates
lvm2-libs.x86_64 7:2.02.187-6.el7_9.5 updates
microcode_ctl.x86_64 2:2.1-73.13.el7_9 updates
nspr.x86_64 4.32.0-1.el7_9 updates
nss.x86_64 3.67.0-4.el7_9 updates
nss-softokn.x86_64 3.67.0-3.el7_9 updates
nss-softokn-freebl.x86_64 3.67.0-3.el7_9 updates
nss-sysinit.x86_64 3.67.0-4.el7_9 updates
nss-tools.x86_64 3.67.0-4.el7_9 updates
nss-util.x86_64 3.67.0-1.el7_9 updates
openldap.x86_64 2.4.44-25.el7_9 updates
openssh.x86_64 7.4p1-22.el7_9 updates
openssh-clients.x86_64 7.4p1-22.el7_9 updates
openssh-server.x86_64 7.4p1-22.el7_9 updates
openssl.x86_64 1:1.0.2k-25.el7_9 updates
openssl-devel.x86_64 1:1.0.2k-25.el7_9 updates
openssl-libs.x86_64 1:1.0.2k-25.el7_9 updates
polkit.x86_64 0.112-26.el7_9.1 updates
python-firewall.noarch 0.6.3-13.el7_9 updates
python-perf.x86_64 3.10.0-1160.66.1.el7 updates
python-virtualenv.noarch 15.1.0-6.el7_9 updates
python2-distro.noarch 1.5.0-1.el7 epel
rpm.x86_64 4.11.3-48.el7_9 updates
rpm-build-libs.x86_64 4.11.3-48.el7_9 updates
rpm-libs.x86_64 4.11.3-48.el7_9 updates
rpm-python.x86_64 4.11.3-48.el7_9 updates
rsyslog.x86_64 8.24.0-57.el7_9.3 updates
screen.x86_64 4.1.0-0.27.20120314git3c2946.el7_9 updates
sudo.x86_64 1.8.23-10.el7_9.2 updates
systemd.x86_64 219-78.el7_9.5 updates
systemd-libs.x86_64 219-78.el7_9.5 updates
systemd-python.x86_64 219-78.el7_9.5 updates
systemd-sysv.x86_64 219-78.el7_9.5 updates
tzdata.noarch 2022a-1.el7 updates
unzip.x86_64 6.0-24.el7_9 updates
virt-what.x86_64 1.18-4.el7_9.1 updates
wpa_supplicant.x86_64 1:2.6-12.el7_9.2 updates
xz.x86_64 5.2.2-2.el7_9 updates
xz-libs.x86_64 5.2.2-2.el7_9 updates
zimbra-apache-components.x86_64 2.0.7-1zimbra8.8b1.el7 zimbra-8815-oss
zimbra-apr-util-libs.x86_64 1.6.1-1zimbra8.7b2.el7 zimbra-8815-oss
zimbra-chat.x86_64 3.0.2.1655178187-1.r7 zimbra-8815-oss
zimbra-clamav.x86_64 0.103.3-1zimbra8.8b3.el7 zimbra-8815-oss
zimbra-clamav-libs.x86_64 0.103.3-1zimbra8.8b3.el7 zimbra-8815-oss
zimbra-common-core-jar.x86_64 8.8.15.1655458176-1.r7 zimbra-8815-oss
zimbra-common-core-libs.x86_64 8.8.15.1654854265-1.r7 zimbra-8815-oss
zimbra-common-mbox-conf-attrs.x86_64 8.8.15.1652767386-1.r7 zimbra-8815-oss
zimbra-common-mbox-conf-msgs.x86_64 8.8.15.1652703447-1.r7 zimbra-8815-oss
zimbra-core-components.x86_64 2.0.16-1zimbra8.8b1.el7 zimbra-8815-oss
zimbra-curl.x86_64 7.49.1-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-curl-libs.x86_64 7.49.1-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-cyrus-sasl.x86_64 2.1.26-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-cyrus-sasl-libs.x86_64 2.1.26-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-dnscache-components.x86_64 1.0.3-1zimbra8.7b1.el7 zimbra-8815-oss
zimbra-heimdal-libs.x86_64 1.5.3-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-httpd.x86_64 2.4.53-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-jetty-distribution.x86_64 9.4.46.v20220331-2.r7 zimbra-8815-oss
zimbra-ldap-components.x86_64 1.0.16-1zimbra8.8b1.el7 zimbra-8815-oss
zimbra-lmdb.x86_64 2.4.59-1zimbra8.8b5.el7 zimbra-8815-oss
zimbra-lmdb-libs.x86_64 2.4.59-1zimbra8.8b5.el7 zimbra-8815-oss
zimbra-mariadb.x86_64 10.1.25-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-mariadb-libs.x86_64 10.1.25-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-mbox-admin-console-war.x86_64 8.8.15.1653031987-1.r7 zimbra-8815-oss
zimbra-mbox-store-libs.x86_64 8.8.15.1654854265-1.r7 zimbra-8815-oss
zimbra-mbox-war.x86_64 8.8.15.1655458176-1.r7 zimbra-8815-oss
zimbra-mbox-webclient-war.x86_64 8.8.15.1654769776-1.r7 zimbra-8815-oss
zimbra-mta-components.x86_64 1.0.15-1zimbra8.8b1.el7 zimbra-8815-oss
zimbra-mta-patch.x86_64 8.8.15.1655471268.p32-1.r7 zimbra-8815-oss
zimbra-net-snmp.x86_64 5.8-1zimbra8.7b2.el7 zimbra-8815-oss
zimbra-net-snmp-libs.x86_64 5.8-1zimbra8.7b2.el7 zimbra-8815-oss
zimbra-nginx.x86_64 1.20.0-1zimbra8.8b3.el7 zimbra-8815-oss
zimbra-opendkim.x86_64 2.10.3-1zimbra8.7b5.el7 zimbra-8815-oss
zimbra-opendkim-libs.x86_64 2.10.3-1zimbra8.7b5.el7 zimbra-8815-oss
zimbra-openjdk.x86_64 17.0.2-1zimbra8.8b1.el7 zimbra-8815-oss
zimbra-openjdk-cacerts.x86_64 1.0.8-1zimbra8.7b1.el7 zimbra-8815-oss
zimbra-openldap-client.x86_64 2.4.59-1zimbra8.8b5.el7 zimbra-8815-oss
zimbra-openldap-libs.x86_64 2.4.59-1zimbra8.8b5.el7 zimbra-8815-oss
zimbra-openldap-server.x86_64 2.4.59-1zimbra8.8b5.el7 zimbra-8815-oss
zimbra-openssl.x86_64 1.1.1n-1zimbra8.7b4.el7 zimbra-8815-oss
zimbra-openssl-libs.x86_64 1.1.1n-1zimbra8.7b4.el7 zimbra-8815-oss
zimbra-patch.x86_64 8.8.15.1655471268.p32-1.r7 zimbra-8815-oss
zimbra-perl.x86_64 1.0.5-1zimbra8.7b1.el7 zimbra-8815-oss
zimbra-perl-crypt-openssl-random.x86_64 0.11-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-crypt-openssl-rsa.x86_64 0.31-1zimbra8.7b2.el7 zimbra-8815-oss
zimbra-perl-dbd-mysql.x86_64 4.050-1zimbra8.7b4.el7 zimbra-8815-oss
zimbra-perl-innotop.x86_64 1.9.1-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-io-socket-ssl.x86_64 2.068-1zimbra8.7b2.el7 zimbra-8815-oss
zimbra-perl-libwww.x86_64 6.13-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-lwp-protocol-https.x86_64 6.06-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-mail-dkim.x86_64 0.40-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-mail-spamassassin.x86_64 3.4.6-1zimbra8.8b3.el7 zimbra-8815-oss
zimbra-perl-net-http.x86_64 6.09-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-net-ssleay.x86_64 1.88-1zimbra8.7b2.el7 zimbra-8815-oss
zimbra-perl-soap-lite.x86_64 1.19-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-xml-parser.x86_64 2.44-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-xml-sax-expat.x86_64 0.51-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-perl-xml-simple.x86_64 2.25-1zimbra8.7b2.el7 zimbra-8815-oss
zimbra-php.x86_64 7.4.27-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-postfix.x86_64 3.6.1-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-postfix-logwatch.x86_64 1.40.03-1zimbra8.7b1.el7 zimbra-8815-oss
zimbra-proxy-components.x86_64 1.0.10-1zimbra8.8b1.el7 zimbra-8815-oss
zimbra-proxy-patch.x86_64 8.8.15.1655471268.p32-1.r7 zimbra-8815-oss
zimbra-snmp-components.x86_64 1.0.3-1zimbra8.7b1.el7 zimbra-8815-oss
zimbra-spamassassin-rules.x86_64 1.0.0-1zimbra8.8b5.el7 zimbra-8815-oss
zimbra-spell-components.x86_64 2.0.8-1zimbra8.8b1.el7 zimbra-8815-oss
zimbra-store-components.x86_64 1.0.3-1zimbra8.7b1.el7 zimbra-8815-oss
zimbra-timezone-data.x86_64 2.0.1.1646993388-1.r7 zimbra-8815-oss
zimbra-unbound.x86_64 1.11.0-1zimbra8.7b3.el7 zimbra-8815-oss
zimbra-unbound-libs.x86_64 1.11.0-1zimbra8.7b3.el7 zimbra-8815-oss
zlib.x86_64 1.2.7-20.el7_9 updates
zlib-devel.x86_64 1.2.7-20.el7_9 updates
is there something wrong?
Osiris
June 30, 2022, 8:29am
16
Hm, it seems CentOS 7 is in "Maintenance Updates2 " only, which probably means there won't be an (official) OpenSSL 1.1.1. for it. There are alternatives for using OpenSSL 1.0.2 and servers serving the Let's Encrypt "long chain" here: Old Let's Encrypt Root Certificate Expiration and OpenSSL 1.0.2 - OpenSSL Blog
Looks like there are many packages to be updated. It's adviced to update regularly to get the latest security updates.
7 Likes
rg305
June 30, 2022, 8:31am
17
Updating [all of] Zimbra might overcome that problem .
8 Likes
does that mean I have to upgrade my zimbra version? to what version?
rg305
June 30, 2022, 8:34am
19
Slight understatement (if that's possible)...
I counted 169 packages!
Has this system ever been updated?
7 Likes
is it safe to update? the data?
rg305
June 30, 2022, 8:35am
21
Those are questions better asked on their support channel(s).
7 Likes
means there is no other way but to update the zimbra system?