Execution
Date
29 Aug 2025 11:31:33 +0100
Duration
00:01:32.86
Controller
ssh-gw-4.layershift.com
User
root
Versions
Ansible
2.16.11
ara
1.7.3 / 1.7.3
Python
3.10.10
Summary
5
Hosts
3
Tasks
15
Results
1
Plays
1
Files
0
Records
Task result details
-
StatusOK
-
Duration00:00:58.30
-
PlayPlaybook to install
-
TaskInstall certificate on host
-
Hostldap2-stage
-
Date29 Aug 2025 11:32:38 +0100
-
Module / Actionansible.builtin.shell (/home/ssh-gateway/ansible/zimbra/install_zimbra_certificate_stage_le.yaml:36)
| Field | Value |
|---|---|
| changed |
False |
| cmd |
set -o pipefail chown zimbra.zimbra /tmp/commercial_stage_le.key /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt su -l zimbra -c "cp -prf /tmp/commercial_stage_le.key /opt/zimbra/ssl/zimbra/commercial/commercial.key" su -l zimbra -c "zmcertmgr verifycrt comm /tmp/commercial_stage_le.key /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt" su -l zimbra -c "zmcertmgr deploycrt comm /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt" su -l zimbra -c "zmlocalconfig -e ldap_starttls_required=true" su -l zimbra -c "zmlocalconfig -e ldap_starttls_supported=1" su -l zimbra -c "zmcontrol restart" su -l zimbra -c "zmcertmgr viewdeployedcrt" |
| delta |
0:00:57.906632 |
| end |
2025-08-29 10:32:38.129073 |
| invocation |
{ "module_args": { "_raw_params": "set -o pipefail\nchown zimbra.zimbra /tmp/commercial_stage_le.key /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt\nsu -l zimbra -c \"cp -prf /tmp/commercial_stage_le.key /opt/zimbra/ssl/zimbra/commercial/commercial.key\"\nsu -l zimbra -c \"zmcertmgr verifycrt comm /tmp/commercial_stage_le.key /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt\"\nsu -l zimbra -c \"zmcertmgr deploycrt comm /tmp/ssl_stage_le.crt /tmp/chain_stage_le.crt\"\nsu -l zimbra -c \"zmlocalconfig -e ldap_starttls_required=true\"\nsu -l zimbra -c \"zmlocalconfig -e ldap_starttls_supported=1\"\nsu -l zimbra -c \"zmcontrol restart\"\nsu -l zimbra -c \"zmcertmgr viewdeployedcrt\"\n", "_uses_shell": true, "argv": null, "chdir": null, "creates": null, "executable": "/bin/bash", "expand_argument_vars": true, "removes": null, "stdin": null, "stdin_add_newline": true, "strip_empty_ends": true } } |
| msg |
|
| rc |
0 |
| start |
2025-08-29 10:31:40.222441 |
| stderr |
Could not read certificate from /tmp/ssl_stage_le.crt Unable to load certificate Could not read certificate from /tmp/ssl_stage_le.crt Unable to load certificate |
| stderr_lines |
[ "Could not read certificate from /tmp/ssl_stage_le.crt", "Unable to load certificate", "Could not read certificate from /tmp/ssl_stage_le.crt", "Unable to load certificate" ] |
| stdout |
** Verifying '/tmp/ssl_stage_le.crt' against '/tmp/commercial_stage_le.key' ERROR: Certificate '/tmp/ssl_stage_le.crt' and private key '/tmp/commercial_stage_le.key' do not match. ** Creating directory '/opt/zimbra/ssl/zimbra/ca/newcerts' ** Touching file '/opt/zimbra/ssl/zimbra/ca/index.txt' ** Verifying '/tmp/ssl_stage_le.crt' against '/opt/zimbra/ssl/zimbra/commercial/commercial.key' ERROR: Certificate '/tmp/ssl_stage_le.crt' and private key '/opt/zimbra/ssl/zimbra/commercial/commercial.key' do not match. Host ldap2.zimbra.stage.town Stopping vmware-ha...Done. Stopping zmconfigd...Done. Stopping zimlet webapp...Done. Stopping zimbraAdmin webapp...Done. Stopping zimbra webapp...Done. Stopping service webapp...Done. Stopping stats...Done. Stopping onlyoffice...Done. Stopping spell...Done. Stopping snmp...Done. Stopping cbpolicyd...Done. Stopping archiving...Done. Stopping opendkim...Done. Stopping amavis...Done. Stopping antivirus...Done. Stopping antispam...Done. Stopping proxy...Done. Stopping memcached...Done. Stopping mailbox...Done. Stopping logger...Done. Stopping dnscache...Done. Stopping ldap...Done. Host ldap2.zimbra.stage.town Starting ldap...Done. Starting zmconfigd...Done. Starting stats...Done. - imapd: /opt/zimbra/conf/imapd.crt notBefore=Jun 4 10:32:07 2025 GMT notAfter=Sep 2 10:32:06 2025 GMT subject=CN = proxy-mta.zimbra.stage.town issuer=C = US, O = Let's Encrypt, CN = R11 SubjectAltName=ldap1.zimbra.stage.town, ldap2.zimbra.stage.town, mbox1.zimbra.stage.town, mbox2.zimbra.stage.town, proxy-mta.zimbra.stage.town, zimbra.stage.town - ldap: /opt/zimbra/conf/slapd.crt notBefore=Jun 4 10:32:07 2025 GMT notAfter=Sep 2 10:32:06 2025 GMT subject=CN = proxy-mta.zimbra.stage.town issuer=C = US, O = Let's Encrypt, CN = R11 SubjectAltName=ldap1.zimbra.stage.town, ldap2.zimbra.stage.town, mbox1.zimbra.stage.town, mbox2.zimbra.stage.town, proxy-mta.zimbra.stage.town, zimbra.stage.town - mta: /opt/zimbra/conf/smtpd.crt notBefore=Jun 4 10:32:07 2025 GMT notAfter=Sep 2 10:32:06 2025 GMT subject=CN = proxy-mta.zimbra.stage.town issuer=C = US, O = Let's Encrypt, CN = R11 SubjectAltName=ldap1.zimbra.stage.town, ldap2.zimbra.stage.town, mbox1.zimbra.stage.town, mbox2.zimbra.stage.town, proxy-mta.zimbra.stage.town, zimbra.stage.town - proxy: /opt/zimbra/conf/nginx.crt notBefore=Jun 4 10:32:07 2025 GMT notAfter=Sep 2 10:32:06 2025 GMT subject=CN = proxy-mta.zimbra.stage.town issuer=C = US, O = Let's Encrypt, CN = R11 SubjectAltName=ldap1.zimbra.stage.town, ldap2.zimbra.stage.town, mbox1.zimbra.stage.town, mbox2.zimbra.stage.town, proxy-mta.zimbra.stage.town, zimbra.stage.town |
| stdout_lines |
[ "** Verifying '/tmp/ssl_stage_le.crt' against '/tmp/commercial_stage_le.key'", "ERROR: Certificate '/tmp/ssl_stage_le.crt' and private key '/tmp/commercial_stage_le.key' do not match.", "** Creating directory '/opt/zimbra/ssl/zimbra/ca/newcerts'", "** Touching file '/opt/zimbra/ssl/zimbra/ca/index.txt'", "** Verifying '/tmp/ssl_stage_le.crt' against '/opt/zimbra/ssl/zimbra/commercial/commercial.key'", "ERROR: Certificate '/tmp/ssl_stage_le.crt' and private key '/opt/zimbra/ssl/zimbra/commercial/commercial.key' do not match.", "Host ldap2.zimbra.stage.town", "\tStopping vmware-ha...Done.", "\tStopping zmconfigd...Done.", "\tStopping zimlet webapp...Done.", "\tStopping zimbraAdmin webapp...Done.", "\tStopping zimbra webapp...Done.", "\tStopping service webapp...Done.", "\tStopping stats...Done.", "\tStopping onlyoffice...Done.", "\tStopping spell...Done.", "\tStopping snmp...Done.", "\tStopping cbpolicyd...Done.", "\tStopping archiving...Done.", "\tStopping opendkim...Done.", "\tStopping amavis...Done.", "\tStopping antivirus...Done.", "\tStopping antispam...Done.", "\tStopping proxy...Done.", "\tStopping memcached...Done.", "\tStopping mailbox...Done.", "\tStopping logger...Done.", "\tStopping dnscache...Done.", "\tStopping ldap...Done.", "Host ldap2.zimbra.stage.town", "\tStarting ldap...Done.", "\tStarting zmconfigd...Done.", "\tStarting stats...Done.", "- imapd: /opt/zimbra/conf/imapd.crt", "notBefore=Jun 4 10:32:07 2025 GMT", "notAfter=Sep 2 10:32:06 2025 GMT", "subject=CN = proxy-mta.zimbra.stage.town", "issuer=C = US, O = Let's Encrypt, CN = R11", "SubjectAltName=ldap1.zimbra.stage.town, ldap2.zimbra.stage.town, mbox1.zimbra.stage.town, mbox2.zimbra.stage.town, proxy-mta.zimbra.stage.town, zimbra.stage.town", "- ldap: /opt/zimbra/conf/slapd.crt", "notBefore=Jun 4 10:32:07 2025 GMT", "notAfter=Sep 2 10:32:06 2025 GMT", "subject=CN = proxy-mta.zimbra.stage.town", "issuer=C = US, O = Let's Encrypt, CN = R11", "SubjectAltName=ldap1.zimbra.stage.town, ldap2.zimbra.stage.town, mbox1.zimbra.stage.town, mbox2.zimbra.stage.town, proxy-mta.zimbra.stage.town, zimbra.stage.town", "- mta: /opt/zimbra/conf/smtpd.crt", "notBefore=Jun 4 10:32:07 2025 GMT", "notAfter=Sep 2 10:32:06 2025 GMT", "subject=CN = proxy-mta.zimbra.stage.town", "issuer=C = US, O = Let's Encrypt, CN = R11", "SubjectAltName=ldap1.zimbra.stage.town, ldap2.zimbra.stage.town, mbox1.zimbra.stage.town, mbox2.zimbra.stage.town, proxy-mta.zimbra.stage.town, zimbra.stage.town", "- proxy: /opt/zimbra/conf/nginx.crt", "notBefore=Jun 4 10:32:07 2025 GMT", "notAfter=Sep 2 10:32:06 2025 GMT", "subject=CN = proxy-mta.zimbra.stage.town", "issuer=C = US, O = Let's Encrypt, CN = R11", "SubjectAltName=ldap1.zimbra.stage.town, ldap2.zimbra.stage.town, mbox1.zimbra.stage.town, mbox2.zimbra.stage.town, proxy-mta.zimbra.stage.town, zimbra.stage.town" ] |