Zimbra certificate issue, Also upgrade news
First up, some of you would have noticed an issue on 6/11 getting to Zimbra. The very short version of the story is that in anticipation of our existing SSL certificate expiring, a new one was ordered. Unbeknownst to anyone here, when they issued the new certificate, the existing one was revoked.Anything that uses OCSP to check the validity of certificates immediately noticed this. Firefox 3 has this enabled by default (and, really, that’s a good thing), so those users all felt the pain.We got the new certificate installed, and all is now well, so if you disabled OCSP as a workaround, you should re-enable it.We also had a problem with the certificate for sending mail, but it only seemed to affect Outlook users. We’ve isolated that one and things will be back to normal shortly.Next up, the aborted upgrade this past Saturday. Around 11PM on Friday night, we discovered an issue our planning and testing didn’t cover. At that point we had three options:
- Wing it and go ahead with the upgrade.
- Temporarily push the upgrade back a week or two while we figured it out.
- Do the first part of the upgrade (moving to the latest server version), but not the second part (moving the service to a 64 bit OS with faster disk) until the next major outage window.
We decided to sleep on it. At 8:45 on Saturday morning, we made the decision to abort and wait at least a week, with the understanding that if we could not figure out the second part of the upgrade, we’d still do the first part, since we know that will at least fix some things.The solution to the issue has been found, and we’ll make the upgrade time official once testing is complete. We currently expect the same outage window we had last weekend (9AM – 1PM Saturday, June 14), but an official announcement will come soon.Thanks for your patience.