Hi, I have the following problem and hope somebody knows this error.
Today I upgrade my Sophos XG Software Appliance from SFOS 18.5.3 MR-3-Build408 to SFOS 19.0.0 GA-Build317. After restart my XG gives me a red status for services with the following massage "POPIMAPDeamon" Dead.
After I got this massage I make a SSH connection to the XG and show wich services are running.
By showing the services I saw that the service "warren" is dead and tried to start it.
Additional Informations:
- I haven´t import or change any certificate settings on the Sophos XG
- This service is used only for backup my Sophos XG via mail
- If I go back to SFOS 18.5.3 MR-3-Build408 the service works probably fine
Hi,
please review this thread to see if it might help you?
imap service issue
Ian
XG115W - v19.5 GA - Home
Test machine - Asus P10S-i E3-1225v5, 6gb, 4 intel NICs, v19.5 GA
If a post solves your question please use the 'Verify Answer' button.
Thank you for response. This thread wasn‘t the answer of my problem. Today I found the solution.
Today I found the solution.
————
First I was watching the warren.log
After that I saw that the problem is with the default certificate of the appliance.
The solution was to do the following steps.
1. Chang the CA settings
2. Regenerat the ApplianceCertificate
3. Start the warren service
After that the service is running without any problems.
Hello, I have exact same issue, however, after following all 3 of your steps, I still get the failed service and ther below errors in the warren.log
ERR May 25 17:04:44Z [4160022272]: reading private key '/conf/certificate/capr ivate/Default.key' failed for 'error:06065064:digital envelope routines:EVP_Decr yptFinal_ex:bad decrypt'CRT May 25 17:04:44Z [4160022272]: FATAL: /cfs/proxy/warren/conf/policy.conf : ERROR - init_policy_config
when I tried to restart the warren service, I get
XGS107_SN01_SFOS 19.0.0 GA-Build317# service warren:start -dsnosync503 Service Failed
This fixed it for me. Thank you
Hi Team,
In case the 3 steps mentioned by Jack_St did not work for you, what you can also try is as follows:
1. Email > General Settings > POP and IMAP TLS Configuration and changed the TLS certificate from Default to SecurityAppliance_SSL_CA
2. Login to CLI > Device Management > Advanced Shell and type service warren:restart -dsnosync
3. Verify it by service -S | grep warren and it should be running now.