MRatWork Forum by Mustafa Ramadhan
Sawo Project - Kloxo-MR Discussions => Kloxo-MR Bugs and Requests => Topic started by: mehawk on 2016-06-08, 17:22:12
-
Hello i was wondering if anyone succeeded in installing letsencrypt certficate. I want to install letsencrypt certificate on CentOS 6.8, Kloxo-MR: 7.0.0.b-2016060703. I have multiple clients on my VPS
Please guide me on this.
-
1. Check application with 'letsencrypt-auto --version'
2. If no error, try add certificate with 'admin > all > all domains > select one > ssl certificate > add letsencrypt certificate'.
If your domain is domain.com, by default, SAN are 'domain.com, www.domain.com, cp.domain.com and webmail.domain.com'. So, make sure www, cp and webmail declare in 'A record' for dns setting of domain.com.
-
1. Check application with 'letsencrypt-auto --version'
2. If no error, try add certificate with 'admin > all > all domains > select one > ssl certificate > add letsencrypt certificate'.
If your domain is domain.com, by default, SAN are 'domain.com, www.domain.com, cp.domain.com and webmail.domain.com'. So, make sure www, cp and webmail declare in 'A record' for dns setting of domain.com.
1. went fine with following output
letsencrypt 0.8.0
2. went fine and created certificate.
when i try to access my site using https://example.com the browser gives following error:
Unable to connect:
can't establish a connection to the server at example.com
anything which i am doing wrong?
-
Inform here your 'sh /script/sysinfo'.
-
[root@server1 ~]# sh /script/sysinfo
A. Control Panel:
- Kloxo-MR: 7.0.0.b-2016060703
- Web: hiawatha-10.3.0-f.1.mr.el6.i686
- PHP: php54s-5.4.43-1.ius.el6 (fpm mode)
B. Plateform:
- OS: CentOS release 6.8 (Final) i686
- Hostname: server1.example.com
C. Services:
1. MySQL: MariaDB-server-10.0.25-1.el6.i686
2. PHP:
- 'Branch' installed: php54-cli-5.4.45-1.ius.el6.i686
- 'Multiple' installed:
* php54m-5.4.44-1.ius.el6
* php55m-5.5.28-1.ius.el6
* php56m-5.6.12-1.ius.el6
- 'Used' selected: php56m-fpm
- 'Multiple' status: disable
3. Web Used: apache
- Hiawatha: --unused--
- Lighttpd: --uninstalled--
- Nginx: --uninstalled--
- Httpd: httpd24u-2.4.20-2.ius.el6.i686
- PHP Type: php-fpm_event
4. WebCache: varnish
- ATS: --uninstalled--
- Squid: --uninstalled--
- Varnish: varnish-3.0.7-1.el6.i686
5. Dns: djbdns
- Bind: --uninstalled--
- DJBDns: djbdns-1.05-17.4.mr.el6.i386
- NSD: --uninstalled--
- PowerDNS: --uninstalled--
- Yadifa: --uninstalled--
6. Mail: qmail-toaster-1.03-1.3.55.mr.el6.i386
- pop3/imap4: courier-imap-toaster-4.1.2-1.3.19.mr.el6.i686
- spam: bogofilter-1.2.4-1.el6.i686
D. Memory:
total used free shared buffers cached
Mem: 3072 496 2575 3 0 313
-/+ buffers/cache: 182 2889
Swap: 3072 5 3066
E. Disk Space:
Filesystem Size Used Avail Use% Mounted on
/dev/ploop43096p1 119G 19G 95G 17% /
*** Process Time: 00:00:00:06.6002 (dd:hh:mm:ss:xxxxxx) ***
* Note: run 'sh /script/sysinfo -y' if you want run 'fix-service-list' also
(importance after Kloxo-MR update)
-
Disable webcache (likw varnish) if you want letsencrypt ssl running well.
-
ok i have disable varnish cache but its still saying "can't establish a connection to the server at example.com"
-
Try 'sh /script/fixweb; sh /script/restart-web'.
-
Try 'sh /script/fixweb; sh /script/restart-web'.
gave following result
*** Process for PHP-FPM service ***
- Process: restart
Stopping php56m-fpm (PHP Used): [FAILED]
Starting php56m-fpm (PHP Used): [09-Jun-2016 12:06:07] ERROR: unable to bind lis tening socket for address '/opt/configs/php-fpm/sock/php-admin.sock': Address al ready in use (98)
[09-Jun-2016 12:06:07] ERROR: FPM initialization failed
[FAILED]
i checked websites are working fine and now https://example.com shows this
Your connection is not secure
The owner of www.example.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
Advanced:
www.example.com uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is only valid for *.lxlabs.com The certificate expired on Saturday, February 24, 2007 5:31 AM. The current time is Thursday, June 09, 2016 9:08 PM. Error code: SEC_ERROR_UNKNOWN_ISSUER
and as i have mentioned earlier that i have created certificate for www.example.com using the method you have mentioned earlier.
-
Create letsencrypt ssl files may fail if website not work (no 'welcome page'). Your domain still show 'default page'.
-
Create letsencrypt ssl files may fail if website not work (no 'welcome page'). Your domain still show 'default page'.
so any suggestions? what should i do?
-
Thank You Mustafa for your kind support. I just waited for 2 hours and then i ran sh /script/upcp after that SSL started appearing on my domain and now i am running sh /script/cleanup
One more thing i want that i want to know when certificate is close to expire how should we renew it?
-
Thank You Mustafa for your kind support. I just waited for 2 hours and then i ran sh /script/upcp after that SSL started appearing on my domain and now i am running sh /script/cleanup
One more thing i want that i want to know when certificate is close to expire how should we renew it?
Already Auto-renew using cron.
-
Thanks. I will write an article / tutorial for this feature of Kloxo MR. :)
-
Thank You Mustafa for your kind support. I just waited for 2 hours and then i ran sh /script/upcp after that SSL started appearing on my domain and now i am running sh /script/cleanup
One more thing i want that i want to know when certificate is close to expire how should we renew it?
Already Auto-renew using cron.
Pak MR, ini auto-renew pakai cron bagaimana ya setup nya? atau kah tidak perlu setup?
terima kasih
-
Cron sudah terinstall dengan sendirinya. Tidak ada dalam daftar cron tasks.
-
sip. segera diupdate dengan yang terbaru