MRatWork Forum by Mustafa Ramadhan
Sawo Project - Kloxo-MR Discussions => Kloxo-MR Development => Topic started by: fossxplorer on 2016-06-07, 17:00:32
-
I see LetsEncrypt tab in the SSL part, but there is no add/run button to get the cert?
Do i need to update Kloxo-MR?
-
Use latest version for Kloxo-MR 7.0. At this moment, upload version is kloxomr7-7.0.0.b-2016060703.
-
Just updated to the lastest, but PLEASE HELP now:
*** Restart services - BEGIN ***
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
-------------------------------------------------------------------
Shutting down MySQL... SUCCESS!
Starting MySQL.. SUCCESS!
-------------------------------------------------------------------
Stopping named: . [ OK ]
Starting named: [ OK ]
-------------------------------------------------------------------
Stopping php56m-fpm (PHP Used): [FAILED]
Starting php56m-fpm (PHP Used): [07-Jun-2016 17:47:48] ERROR: Unable to globalize '/opt/php/etc/php-fpm.d/*.conf' (ret=2) from /opt/configs/php-fpm/conf/php/php-fpm.conf at line 19.
[07-Jun-2016 17:47:48] ERROR: Unable to include /opt/configs/php-fpm/conf/php/php-fpm.conf from /etc/php-fpm.conf at line 19
[07-Jun-2016 17:47:48] ERROR: failed to load configuration file '/etc/php-fpm.conf'
[07-Jun-2016 17:47:48] ERROR: FPM initialization failed
[FAILED]
-------------------------------------------------------------------
pidof: invalid options on command line!
pidof: invalid options on command line!
pidof: invalid options on command line!
pidof: invalid options on command line!
pidof: invalid options on command line!
pidof: invalid options on command line!
pidof: invalid options on command line!
pidof: invalid options on command line!
nginx: [emerg] "proxy_connect_timeout" directive is duplicate in /opt/configs/nginx/conf/globals/switch_standard.conf:9
nginx: configuration file /etc/nginx/nginx.conf test failed
-------------------------------------------------------------------
Stopping httpd: [FAILED]
Starting httpd: [FAILED]
-------------------------------------------------------------------
*** Process for QMAIL service ***
Stopping qmail-toaster: svscan qmail logging.
qmail-send: no process killed
Starting qmail-toaster: svscan.
-------------------------------------------------------------------
- For help, type '/script/restart-mail [--help|-h]'
-------------------------------------------------------------------
Stopping pure-ftpd: [ OK ]
Starting pure-ftpd: [ OK ]
-------------------------------------------------------------------
Stopping kloxo-phpcgi: [ OK ]
Starting kloxo-phpcgi ('php54s' in 'fpm' mode): [ OK ]
Stopping kloxo-hiawatha: [ OK ]
Starting kloxo-hiawatha: [ OK ]
-------------------------------------------------------------------
*** Restart services - END ***
*** Process Time: 00:00:09:42.582399 (dd:hh:mm:ss:xxxxxx) ***
root@mail]# tail -f /var/log/httpd/error_log
[Tue Jun 07 17:48:27 2016] [suexec:notice] [pid 23153] [mod_suexec.c(101):] [AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)] [mail.example.com]
AH00016: Configuration Failed
-
Debugging Apache:
Tue Jun 07 18:01:59 2016] [ssl:debug] [pid 25221] [ssl_util_ssl.c(443):] [AH02412: [cp.example.org:443] Cert does not match for name 'cp.example.org' [subject: emailAddress=sslsign@lxlabs.com,CN=*.lxlabs.com,OU=web,O=lxlabs,L=WA,ST=WA,C=IN / issuer: emailAddress=sslsign@lxlabs.com,CN=*.lxlabs.com,OU=web,O=lxlabs,L=WA,ST=WA,C=IN / serial: 00 / notbefore: Feb 24 00:31:16 2006 GMT / notafter: Feb 24 00:31:16 2007 GMT]] [cp.example.org]
[Tue Jun 07 18:01:59 2016] [ssl:warn] [pid 25221] [ssl_engine_init.c(1028):] [AH01909: cp.example.org:443:0 server certificate does NOT include an ID which matches the server name] [cp.example.org]
[Tue Jun 07 18:01:59 2016] [ssl:info] [pid 25221] [ssl_engine_init.c(1186):] [AH02568: Certificate and private key cp.example.org:443:0 configured from /home/kloxo/ssl/eth0_0___localhost.pem and /home/kloxo/ssl/eth0_0___localhost.key] [cp.example.org]
cp.example.org is one of the clients :)
-
[root@mail letsencrypt]# yum list installed | grep kloxomr7
kloxomr7.noarch 7.0.0.b-2016060703.mr @mratwork-release-neutral-noarch
-
Did you run 'sh /script/cleanup' after update?.
You need add letsencrypt cerficate per-domain based.
-
Yes i ran cleanup!
Yes, i know that, but now none of the clients web are up, ALL DOWN :(
Cleanup FAILS.
Did you run 'sh /script/cleanup' after update?.
You need add letsencrypt cerficate per-domain based.
-
Hmm works now, after some Nginx issues with certs.
-
[root@mail letsencrypt]# sh /script/restart-web
*** Process for PHP-FPM service ***
- Process: restart
Stopping php56m-fpm (PHP Used): [ OK ]
Starting php56m-fpm (PHP Used): [ OK ]
-------------------------------------------------------------------
*** Process for NGINX service ***
- Process: restart
Stopping nginx: [FAILED]
Starting nginx: nginx: [emerg] "proxy_connect_timeout" directive is duplicate in /opt/configs/nginx/conf/globals/switch_standard_ssl.conf:9
[FAILED]
-------------------------------------------------------------------
-
Did you have custom file in /opt/configs/nginx/conf/globals and or /opt/configs/nginx/tpl ?.
If yes, need adjustment with the new configs.
-
Ups, yeah, i had!
I just moved 2 custom files out of /opt/configs/nginx/conf/global and running fixweb now...