SSL

[tega]

Hello,

Not sure why the changes on the SSL paths were changed but now everything is a mess, so basically that kloxo moved the cert files from /home/kloxo/httpd/ssl to /home/kloxo/ssl the apache template are still creating the config for the domains with the old path.

Code: [Select]

Starting httpd: AH00526: Syntax error on line 398 of /opt/configs/apache/conf/defaults/init.conf:
SSLCertificateFile: file '/home/kloxo/httpd/ssl/venet0_0___localhost.pem' does not exist or is empty
And that after doing sh /script/cleanup or sh /script/fixweb

I can manually put the certs on the path that is on the .conf file by default, but when the daily scanvenge is done or the kloxo is manually updated everything goes wrong again.

[MRatWork]

Need update to 2016051401 and running 'sh /script/cleanup'.

[tega]

Need update to 2016051401 and running 'sh /script/cleanup'.

I wrote the post after making sure I was running the latest version, I'm on 2016051401 and I also did the sh /script/cleanup several times after that to make sure, that the "ssl" folder was actually moved. The conf files at least for apache (haven't check others) are still putting /home/kloxo/httpd/ssl/ on the path for the ssl certs and after the cleanup apparently they are created on /home/kloxo/ssl

Code: [Select]

sh /script/sysinfo -y
A. Control Panel:
   - Kloxo-MR: 7.0.0.b-2016051401
   - Web: hiawatha-10.2.0-f.6.mr.el6.i686
   - PHP: php54s-5.4.45-2.w6 (fpm mode)
B. Plateform:
   - OS: CentOS release 6.7 (Final) i686
   - Hostname: domain.com
C. Services:
   1. MySQL: MariaDB-server-10.0.25-1.el6.i686
   2. PHP:
      - Branch: php54w-cli-5.4.45-2.w6.i386
      - Multiple:
        * php52m-5.2.17-102.mr.el6
        * php53m-5.3.29-1.ius.el6
        * php54m-5.4.45-1.ius.el6
        * php55m-5.5.35-1.ius.el6
        * php56m-5.6.21-1.ius.el6
        * php70m-7.0.6-1.w6
      - Used: --Use PHP Branch--
   3. Web Used: apache
     - Hiawatha: --unused--
     - Lighttpd: --uninstalled--
     - Nginx: --uninstalled--
     - Httpd: httpd24u-2.4.20-1.ius.el6.i686
       - PHP Type: [unknown]
   4. WebCache: none
     - ATS: --uninstalled--
     - Squid: --uninstalled--
     - Varnish: --uninstalled--
   5. Dns: none
     - Bind: --uninstalled--
     - DJBDns: --uninstalled--
     - NSD: --uninstalled--
     - PowerDNS: --uninstalled--
     - Yadifa: --uninstalled--
   6. Mail: qmail-toaster-1.03-1.3.55.mr.el6.i386
      - pop3/imap4: courier-imap-toaster-4.1.2-1.3.18.mr.el6.i386
      - spam: none
D. Memory:
                total       used       free     shared    buffers     cached
   Mem:           1024        441         35         13          0        229
   -/+ buffers/cache:        212        299
   Swap:          512         16        495
E. Disk Space:
   Filesystem      Size  Used Avail Use% Mounted on
   /dev/simfs      100G   17G   84G  17% /


*** Process Time: 00:00:02:30.150593 (dd:hh:mm:ss:xxxxxx) ***

* Note: run 'sh /script/sysinfo -y' if you want run 'fix-service-list' also
        (importance after Kloxo-MR update)


[MRatWork]

Yes, certifacate files move to /home/kloxo/ssl.

[tega]

Yes, certifacate files move to /home/kloxo/ssl.

Ok, but please fix the conf files for apache, cause this is what I get after doing the sh /script/cleanup

Code: [Select]

Stopping httpd:                                            [FAILED]
Starting httpd: AH00526: Syntax error on line 398 of /opt/configs/apache/conf/defaults/init.conf:
SSLCertificateFile: file '/home/kloxo/httpd/ssl/venet0_0___localhost.pem' does not exist or is empty
                                                           [FAILED]


[MRatWork]

Go to 'switch programs' and then to other and then change back to previous in 'web'. Example, if using nginx-proxy then change to lighttpd because nginx-proxy mean nginx+apache.

[tega]

Go to 'switch programs' and then to other and then change back to previous in 'web'. Example, if using nginx-proxy then change to lighttpd because nginx-proxy mean nginx+apache.

I just did that, changed from apache (apache 2.4) to lighttpd and then back to apache and makes no difference, the conf files on /opt/configs/apache/domains/*.conf are still making the path for the SSL certs to /home/kloxo/httpd/ssl instead of /home/kloxo/ssl as the new path for them. I've done /script/cleanup and /script/fixweb multiple times also

Code: [Select]

SSLCertificateFile /home/kloxo/httpd/ssl/venet0_0___localhost.pem
SSLCertificateKeyFile /home/kloxo/httpd/ssl/venet0_0___localhost.key
SSLCACertificatefile /home/kloxo/httpd/ssl/venet0_0___localhost.ca
all the other webservers seem to be fine:

Nginx - /opt/configs/nginx/domains/*.conf

Code: [Select]

ssl_certificate /home/kloxo/ssl/venet0_0___localhost.pem;
ssl_certificate_key /home/kloxo/ssl/venet0_0___localhost.key;
ssl_trusted_certificate /home/kloxo/ssl/venet0_0___localhost.ca;
lighttpd - /opt/configs/lighttpd/domains/*.conf

Code: [Select]

ssl.pemfile = "/home/kloxo/ssl/venet0_0___localhost.pem"

ssl.ca-file = "/home/kloxo/ssl/venet0_0___localhost.ca"
and so on.

Oh and by the way after doing the sh /script/cleanup (or sh /script/restart-all) kloxo doesn't start,

Code: [Select]

*** Process for KLOXO service ***
  - Process: reload
Reloading kloxo-phpcgi:                                    [FAILED]
Reloading kloxo-hiawatha:                                  [  OK  ]

To bypass that I do manually: service kloxo restart

Code: [Select]

Stopping kloxo-phpcgi:                                     [FAILED]
Starting kloxo-phpcgi ('php54s' in 'fpm' mode):            [  OK  ]
Stopping kloxo-hiawatha:                                   [  OK  ]
Starting kloxo-hiawatha:                                   [  OK  ]