all.
Strange problem. We renewed our wildcard cert on the Zimbra email server over the weekend, and on Monday several users reported their Outlook no longer connected to the server (fortunately the web client still worked for them).
Looking at the Zimbra logs on the affected machines, I am seeing this:
### WARNING ### Failed to obtain server cert. Error: 12019 @ Connection.cpp#1869[SaveCertAndCalcFingerprint()]
### ERROR ### Internal error loading the SSL libraries @ Connection.cpp#1961[Handle_WINHTTP_CALLBACK_STATUS_SECURE_FAILURE()]
### WARNING ### Detected asynchronous WINHTTP_CALLBACK_STATUS_FLAG_SECURITY_CHANNEL_ERROR -> converting to ERROR_WINHTTP_CANNOT_CONNECT @ Connection.cpp#7220[WrapWinHttpSendRequest()]
### WARNING ### Failed to authenticate @ SessionData.cpp#1993[UserSession::Auth()]
### WARNING ### Failed to determine server version, hr: 0x80040115 @ SessionData.cpp#3048[UserSession::IsServerVersionSupported()]
### ERROR ### unable to establish server connection. hr: 80040115 @ ZimbraXPLogon.cpp#855[ZimbraXPLogon::SubmitMessage()]
### ERROR ### Caught 'MailboxUnreachableException: Unable to connect.' @ ZimbraXPLogon.cpp#1288[ZimbraXPLogon::SubmitMessage()]
This only affects 6 people out of 400 atm, so it does not appear to be an issue central to the server. I re-deployed the cert ensuring that the intermediates and root CA were also included. These users are using the same version of Zimbra Connector for Outlook, and system time is correct (in case that was generating the error loading the SSL libs error).
Checking the firewall, I can see that it is not preventing connections from the users with this issue. I wonder if there is some caching that can be cleared...the previous certificate would have expired on the Monday after I deployed the renewed certs.
Has anyone seen anything similar?
