MRatWork Forum by Mustafa Ramadhan

Sawo Project - Kloxo-MR Discussions => Kloxo-MR Bugs and Requests => Topic started by: mehawk on 2016-06-08, 17:22:12

Title: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: mehawk on 2016-06-08, 17:22:12
Hello i was wondering if anyone succeeded in installing letsencrypt certficate. I want to install letsencrypt certificate on CentOS 6.8, Kloxo-MR: 7.0.0.b-2016060703. I have multiple clients on my VPS

Please guide me on this.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: MRatWork on 2016-06-08, 19:47:02
1. Check application with 'letsencrypt-auto --version'
2. If no error, try add certificate with 'admin > all > all domains > select one > ssl certificate > add letsencrypt certificate'.

If your domain is domain.com, by default, SAN are 'domain.com, www.domain.com, cp.domain.com and webmail.domain.com'. So, make sure www, cp and webmail declare in 'A record' for dns setting of domain.com.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: mehawk on 2016-06-09, 07:11:59
Quote
1. Check application with 'letsencrypt-auto --version'
2. If no error, try add certificate with 'admin > all > all domains > select one > ssl certificate > add letsencrypt certificate'.

If your domain is domain.com, by default, SAN are 'domain.com, www.domain.com, cp.domain.com and webmail.domain.com'. So, make sure www, cp and webmail declare in 'A record' for dns setting of domain.com.

1. went fine with following output

Quote
letsencrypt 0.8.0

2. went fine and created certificate.

when i try to access my site using https://example.com the browser gives following error:

Quote
Unable to connect:
can't establish a connection to the server at example.com

anything which i am doing wrong?
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: MRatWork on 2016-06-09, 07:30:21
Inform here your 'sh /script/sysinfo'.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: mehawk on 2016-06-09, 07:34:12
Quote
[root@server1 ~]# sh /script/sysinfo
A. Control Panel:
   - Kloxo-MR: 7.0.0.b-2016060703
   - Web: hiawatha-10.3.0-f.1.mr.el6.i686
   - PHP: php54s-5.4.43-1.ius.el6 (fpm mode)
B. Plateform:
   - OS: CentOS release 6.8 (Final) i686
   - Hostname: server1.example.com
C. Services:
   1. MySQL: MariaDB-server-10.0.25-1.el6.i686
   2. PHP:
      - 'Branch' installed: php54-cli-5.4.45-1.ius.el6.i686
      - 'Multiple' installed:
        * php54m-5.4.44-1.ius.el6
        * php55m-5.5.28-1.ius.el6
        * php56m-5.6.12-1.ius.el6
      - 'Used' selected: php56m-fpm
      - 'Multiple' status: disable
   3. Web Used: apache
     - Hiawatha: --unused--
     - Lighttpd: --uninstalled--
     - Nginx: --uninstalled--
     - Httpd: httpd24u-2.4.20-2.ius.el6.i686
       - PHP Type: php-fpm_event
   4. WebCache: varnish
     - ATS: --uninstalled--
     - Squid: --uninstalled--
     - Varnish: varnish-3.0.7-1.el6.i686
   5. Dns: djbdns
     - Bind: --uninstalled--
     - DJBDns: djbdns-1.05-17.4.mr.el6.i386
     - NSD: --uninstalled--
     - PowerDNS: --uninstalled--
     - Yadifa: --uninstalled--
   6. Mail: qmail-toaster-1.03-1.3.55.mr.el6.i386
      - pop3/imap4: courier-imap-toaster-4.1.2-1.3.19.mr.el6.i686
      - spam: bogofilter-1.2.4-1.el6.i686
D. Memory:
                total       used       free     shared    buffers     cached
   Mem:          3072        496       2575          3          0        313
   -/+ buffers/cache:        182       2889
   Swap:         3072          5       3066
E. Disk Space:
   Filesystem         Size  Used Avail Use% Mounted on
   /dev/ploop43096p1  119G   19G   95G  17% /


*** Process Time: 00:00:00:06.6002 (dd:hh:mm:ss:xxxxxx) ***

* Note: run 'sh /script/sysinfo -y' if you want run 'fix-service-list' also
        (importance after Kloxo-MR update)



Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: MRatWork on 2016-06-09, 08:04:14
Disable webcache (likw varnish) if you want letsencrypt ssl running well.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: mehawk on 2016-06-09, 16:57:23
ok i have disable varnish cache but its still saying "can't establish a connection to the server at example.com"
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: MRatWork on 2016-06-09, 17:18:11
Try 'sh /script/fixweb; sh /script/restart-web'.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: mehawk on 2016-06-09, 17:57:40
Quote
Try 'sh /script/fixweb; sh /script/restart-web'.
gave following result

Quote
*** Process for PHP-FPM service ***
  - Process: restart
Stopping php56m-fpm (PHP Used):                            [FAILED]
Starting php56m-fpm (PHP Used): [09-Jun-2016 12:06:07] ERROR: unable to bind lis               tening socket for address '/opt/configs/php-fpm/sock/php-admin.sock': Address al               ready in use (98)
[09-Jun-2016 12:06:07] ERROR: FPM initialization failed
                                                           [FAILED]

i checked websites are working fine and now https://example.com shows this
Quote
Your connection is not secure
The owner of www.example.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
Advanced:

www.example.com uses an invalid security certificate. The certificate is not trusted because it is self-signed. The certificate is only valid for *.lxlabs.com The certificate expired on Saturday, February 24, 2007 5:31 AM. The current time is Thursday, June 09, 2016 9:08 PM. Error code: SEC_ERROR_UNKNOWN_ISSUER

and as i have mentioned earlier that i have created certificate for www.example.com using the method you have mentioned earlier.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: MRatWork on 2016-06-09, 17:59:44
Create letsencrypt ssl files may fail if website not work (no 'welcome page'). Your domain still show 'default page'.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: mehawk on 2016-06-09, 18:10:28
Quote
Create letsencrypt ssl files may fail if website not work (no 'welcome page'). Your domain still show 'default page'.

so any suggestions? what should i do?
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: mehawk on 2016-06-09, 20:19:43
Thank You Mustafa for your kind support. I just waited for 2 hours and then i ran sh /script/upcp after that SSL started appearing on my domain and now i am running sh /script/cleanup

One more thing i want that i want to know when certificate is close to expire how should we renew it?
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: MRatWork on 2016-06-09, 20:45:12
Thank You Mustafa for your kind support. I just waited for 2 hours and then i ran sh /script/upcp after that SSL started appearing on my domain and now i am running sh /script/cleanup

One more thing i want that i want to know when certificate is close to expire how should we renew it?
Already Auto-renew using cron.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: mehawk on 2016-06-09, 22:43:20
Thanks. I will write an article / tutorial for this feature of Kloxo MR. :)
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: noob on 2016-07-21, 02:01:05
Thank You Mustafa for your kind support. I just waited for 2 hours and then i ran sh /script/upcp after that SSL started appearing on my domain and now i am running sh /script/cleanup

One more thing i want that i want to know when certificate is close to expire how should we renew it?
Already Auto-renew using cron.

Pak MR, ini auto-renew pakai cron bagaimana ya setup nya? atau kah tidak perlu setup?

terima kasih
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: MRatWork on 2016-07-21, 06:30:54
Cron sudah terinstall dengan sendirinya. Tidak ada dalam daftar cron tasks.
Title: Re: Help Needed In Installing Letsencrypt on Kloxo MR 7
Post by: noob on 2016-07-21, 12:26:30
sip. segera diupdate dengan yang terbaru