Unable to determine enabled services from ldap - Zimbra

You may face suddenly an error of Network services in Zimbra

To check whether its same issue or something else, try

# su zimbra

$zmcontrol status

Then you may found couple of services are not running, then try restarting it

$zmcontrol restart

Now you may get the same error stating “unable to determine enabled services from LDAP”

 Congratulations ! your default 365 days of SSL certificate has expired. So simple,    you have to renew the certificate.

Steps to follow :

1) First stop all services of Zimbra

su – zimbra -c ‘zmcontrol stop’

2) Delete all certificate related files in Zimbra
rm -rf /opt/zimbra/ssl/*
rm -rf /opt/zimbra/ssl/.rnd

3) Delete all keys related to existing certificate

/opt/zimbra/java/bin/keytool -delete -alias my_ca -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit
/opt/zimbra/java/bin/keytool -delete -alias jetty -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `su – zimbra -c ‘zmlocalconfig -s -m nokey mailboxd_keystore_password’`
(use commas carefully)

4) Edit certificate parameter

vi /opt/zimbra/bin/zmcertmgr

# Find line
# SUBJECT=”/C=US/ST=N\/A/L=N\/A/O=Zimbra Collaboration Suite/OU=Zimbra Collaboration Suite/CN=${zimbra_server_hostname}”
# and change to your company name
SUBJECT=”/C=US/ST=N\/A/L=N\/A/O=xxxxxxxxxxx/OU=xxxxxxxxxxx/CN=${zimbra_server_hostname}”

# then find and change you want value days expire cert validation_days=365 to validation_days=3650
# save /opt/zimbra/bin/zmcertmgr

5) Create and deploy new self sign certificates

/opt/zimbra/bin/zmcertmgr createca -new
/opt/zimbra/bin/zmcertmgr deployca -localonly
/opt/zimbra/bin/zmcertmgr createcrt self -new
/opt/zimbra/bin/zmcertmgr deploycrt self

su – zimbra -c ‘zmcontrol start’

/opt/zimbra/bin/zmcertmgr deploycrt self
/opt/zimbra/bin/zmcertmgr deployca

su – zimbra -c ‘zmupdateauthkeys’
/opt/zimbra/bin/zmcertmgr viewdeployedcrt

Now you can enjoy Zimbra without any certificate issues for next 10 years