Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2024-03-29, 12:16:35

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - digidata

Pages: [1] 2 3
1
Kloxo-MR Technical Helps / Re: login fail attemps
« on: 2016-10-11, 09:04:51 »
After enter address, fast appears: Session id empty. Clearing cookies and redirecting to login.

After login:
Quote
Set cookies

Record inserted in utmp for ziHuEoRt5mTle6HZGr20OSoFFk0re0TE7IPg4VH5QRUo6dy1XU_client-admin

gTZLsI0tF7ZWWLUpQcWvgonBh1VMIYLC8eKFVSF2zJ9UaOz9ho

NO schema for quotavar ssession
 

Execing d delete

Warning... Writing allowedip in client admin...

Warning... Writing blockedip in client admin...

Warning... Writing ssession in client admin...

Really Writing ssession ziHuEoRt5mTle6HZGr20OSoFFk0re0TE7IPg4VH5QRUo6dy1XU...dbaction... add

 Changin ssession: ziHuEoRt5mTle6HZGr20OSoFFk0re0TE7IPg4VH5QRUo6dy1XU... client admin

Warning... Writing ssessionlist in client admin...

Really Writing ssession gTZLsI0tF7ZWWLUpQcWvgonBh1VMIYLC8eKFVSF2zJ9UaOz9ho...dbaction... delete

 Changin ssession: gTZLsI0tF7ZWWLUpQcWvgonBh1VMIYLC8eKFVSF2zJ9UaOz9ho... client admin

Warning... Writing utmp in client admin...

No subaction for update not syncing anymore utmp

Really Writing utmp gTZLsI0tF7ZWWLUpQcWvgonBh1VMIYLC8eKFVSF2zJ9UaOz9ho_client-admin...dbaction... update


*** Page Generation Took: : 0.58
 

- Looks Like there are some errors... Or Been asked not to redirect. Not redirecting...
- Click here to go there Anyways.

After pushing Click here to go there Anyways. Logins successful.

And now works fine!

2
Kloxo-MR Technical Helps / Re: login fail attemps
« on: 2016-10-11, 08:44:02 »
Still the same problem.

3
Kloxo-MR Technical Helps / Re: login fail attemps
« on: 2016-10-11, 07:30:11 »
I have same problem with 7.0 Kloxo-MR.

Login: http://**.**.**.**:7778/login/

After enter logins redirects here:
Login: http://**.**.**.**:7778/lib/php/

And shows: *** Token not match. No permit for remote login. Go back to login page ***


A. Control Panel:
   - Kloxo-MR: 7.0.0.b-2016100902
   - Web: hiawatha-10.3.0-f.1.mr.el6.x86_64
   - PHP: php54s-5.4.45-1.ius.el6 (fpm mode)
B. Plateform:
   - OS: CentOS release 6.8 (Final) x86_64
C. Services:
   1. MySQL: MariaDB-server-10.0.27-1.el6.x86_64
   2. PHP:
      - Installed:
        - Branch: php54-cli-5.4.45-1.ius.el6.x86_64
      - Used: --PHP Branch--
      - Multiple: disable
   3. Web Used: apache
     - Hiawatha: hiawatha-10.3.0-f.1.mr.el6.x86_64
     - Lighttpd: lighttpd-1.4.41-1.el6.x86_64
     - Nginx: nginx-1.11.4-1.el6.ngx.x86_64
     - Apache: httpd-2.2.31-1.mr.el6.x86_64
       - PHP Type: php-fpm_event
       - Secondary PHP: off
   4. WebCache: none
     - ATS: --uninstalled--
     - Squid: --uninstalled--
     - Varnish: --uninstalled--
   5. Dns: nsd
     - Bind: --uninstalled--
     - DJBDns: --uninstalled--
     - NSD: nsd-4.1.12-1.el6.x86_64
     - PowerDNS: --uninstalled--
     - Yadifa: --uninstalled--
   6. Mail: qmail-toaster-1.03-1.3.55.mr.el6.x86_64
      - pop3/imap4: none
      - smtp: none
      - spam: bogofilter-1.2.4-1.el6.x86_64
   7. Stats: awstats
D. Memory:
                total       used       free     shared    buffers     cached
   Mem:          2048       1505        542         36          0        966
   -/+ buffers/cache:        538       1509
   Swap:         1024          2       1021
E. Disk Space:
   Filesystem      Size  Used Avail Use% Mounted on
   /dev/simfs       40G   21G   20G  53% /

4
Kloxo-MR Technical Helps / Re: letsencrypt error
« on: 2016-09-30, 16:19:05 »
Didn't saw message after run 'sh /script/cleanup' related to 'stats'?.

this?
Code: [Select]
sh /script/fixdnsaddstatsrecord
tried run several times, same error.


Removed stats.domain.com from adding ssl, and worked...

5
Kloxo-MR Technical Helps / Re: letsencrypt error
« on: 2016-09-30, 12:49:20 »
after domain.com/stats appears as stats.domain.com tryif to create certificate I receive error:

Code: [Select]
Domain: stats.domain.lt
Type:   unauthorized
Detail: Invalid response from http://stats.domain.lt/.well-known/acme-challenge/pfl-GiwEAFcEpryaHh_WAH4-oilr7nwWdsGPRaCd-zA: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Auth"

To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address.

Also it is any auto renew?

6
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-19, 08:26:52 »
Are iv.lt and xxx.info exists in the same server like xxx.lt?
iv.lt is my server provider, because I have only one IP, but some domains requires 2 dns, so I use them provided DNS for this (they synchronise).  xxx.info and xxx.lt is in the same server



I can give domain names, IP that you need, but in PM, not want to be public :)

7
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-19, 07:12:39 »
Make sure no warning in intodns.com related to ns.
No warnings :(

8
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-18, 15:15:26 »
This?

9
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-18, 12:51:01 »
Inform here 'cat /home/kloxo/ssl/*_acme.sh'
Code: [Select]
fi[root@server ~]# cat /home/kloxo/ssl/*_acme.sh
#!/bin/sh

/usr/bin/acme.sh --issue --webroot /var/run/letsencrypt  \
        --domain MYDOMAIN.lt  \
        --domain www.MYDOMAIN.lt  \
        --domain cp.MYDOMAIN.lt  \
        --domain webmail.MYDOMAIN.lt  \
        --keylength 2048 --accountemail admin@MYDOMAIN.lt  >> /var/log/acme.sh/acme.sh.log \
        &> /var/log/acme.sh/acme.sh.log

if [ -f /root/.acme.sh/MYDOMAIN.lt/ca.cer ] ; then
        cd /root/.acme.sh/MYDOMAIN.lt
        cat MYDOMAIN.lt.key MYDOMAIN.lt.cer ca.cer > MYDOMAIN.lt.pem
fi#!/bin/sh

/usr/bin/acme.sh --issue --webroot /var/run/letsencrypt  \
        --domain MYDOMAIN.info  \
        --domain www.MYDOMAIN.info  \
        --domain cp.MYDOMAIN.info  \
        --domain webmail.MYDOMAIN.info  \
        --keylength 2048 --accountemail admin@MYDOMAIN.info  >> /var/log/acme.sh/acme.sh.log \
        &> /var/log/acme.sh/acme.sh.log

if [ -f /root/.acme.sh/MYDOMAIN.info/ca.cer ] ; then
        cd /root/.acme.sh/MYDOMAIN.info
        cat MYDOMAIN.info.key MYDOMAIN.info.cer ca.cer > MYDOMAIN.info.pem
fi#!/bin/sh

/usr/bin/acme.sh --issue --webroot /var/run/letsencrypt  \
        --domain simple.MYDOMAIN.net  \
        --domain www.simple.MYDOMAIN.net  \
        --domain cp.simple.MYDOMAIN.net  \
        --domain webmail.simple.MYDOMAIN.net  \
        --keylength ec-384 --accountemail admin@simple.MYDOMAIN.net  >> /var/log/acme.sh/acme.sh.log \
        &> /var/log/acme.sh/acme.sh.log

if [ -f /root/.acme.sh/simple.MYDOMAIN.net/ca.cer ] ; then
        cd /root/.acme.sh/simple.MYDOMAIN.net
        cat simple.MYDOMAIN.net.key simple.MYDOMAIN.net.cer ca.cer > simple.MYDOMAIN.net.pem
fi#!/bin/sh

/usr/bin/acme.sh --issue --webroot /var/run/letsencrypt  \
        --domain MYDOMAIN.lt  \
        --domain www.MYDOMAIN.lt  \
        --domain cp.MYDOMAIN.lt  \
        --domain webmail.MYDOMAIN.lt  \
        --keylength 2048 --accountemail admin@MYDOMAIN.lt  >> /var/log/acme.sh/acme.sh.log \
        &> /var/log/acme.sh/acme.sh.log

if [ -f /root/.acme.sh/MYDOMAIN.lt/ca.cer ] ; then
        cd /root/.acme.sh/MYDOMAIN.lt
        cat MYDOMAIN.lt.key MYDOMAIN.lt.cer ca.cer > MYDOMAIN.lt.pem
fi#!/bin/sh

/usr/bin/acme.sh --issue --webroot /var/run/letsencrypt  \
        --domain MYDOMAIN.tk  \
        --domain www.MYDOMAIN.tk  \
        --domain cp.MYDOMAIN.tk  \
        --domain webmail.MYDOMAIN.tk  \
        --keylength 2048 --accountemail admin@MYDOMAIN.tk  >> /var/log/acme.sh/acme.sh.log \
        &> /var/log/acme.sh/acme.sh.log

if [ -f /root/.acme.sh/MYDOMAIN.tk/ca.cer ] ; then
        cd /root/.acme.sh/MYDOMAIN.tk
        cat MYDOMAIN.tk.key MYDOMAIN.tk.cer ca.cer > MYDOMAIN.tk.pem
fi[root@server ~]#

10
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-18, 12:27:28 »
Look like something wrong with openssl, inform here 'yum list|grep openssl'.
Code: [Select]
[root@server~]# yum list|grep openssl
openssl.i686                          0.9.8e-39.el5_11      installed
openssl.x86_64                        0.9.8e-39.el5_11      installed
openssl-devel.i386                    0.9.8e-39.el5_11      installed
openssl-devel.x86_64                  0.9.8e-39.el5_11      installed
apr-util-openssl.x86_64               1.5.4-1.mr.el5        mratwork-release-version-arch
globus-gsi-openssl-error.i386         3.5-2.el5             mratwork-epel
globus-gsi-openssl-error.x86_64       3.5-2.el5             mratwork-epel
globus-gsi-openssl-error-devel.i386   3.5-2.el5             mratwork-epel
globus-gsi-openssl-error-devel.x86_64 3.5-2.el5             mratwork-epel
globus-gsi-openssl-error-doc.x86_64   3.5-2.el5             mratwork-epel
globus-openssl-module.i386            4.6-2.el5             mratwork-epel
globus-openssl-module.x86_64          4.6-2.el5             mratwork-epel
globus-openssl-module-devel.i386      4.6-2.el5             mratwork-epel
globus-openssl-module-devel.x86_64    4.6-2.el5             mratwork-epel
globus-openssl-module-doc.x86_64      4.6-2.el5             mratwork-epel
openssl-perl.x86_64                   0.9.8e-39.el5_11      updates
openssl097a.i386                      0.9.7a-12.el5_10.1    base
openssl097a.x86_64                    0.9.7a-12.el5_10.1    base
openssl101e.i386                      1.0.1e-7.el5          mratwork-epel
openssl101e.x86_64                    1.0.1e-7.el5          mratwork-epel
openssl101e-devel.i386                1.0.1e-7.el5          mratwork-epel
openssl101e-devel.x86_64              1.0.1e-7.el5          mratwork-epel
openssl101e-perl.x86_64               1.0.1e-7.el5          mratwork-epel
openssl101e-static.i386               1.0.1e-7.el5          mratwork-epel
openssl101e-static.x86_64             1.0.1e-7.el5          mratwork-epel
xmlsec1-openssl.i386                  1.2.9-8.1.2           base
xmlsec1-openssl.x86_64                1.2.9-8.1.2           base
xmlsec1-openssl-devel.i386            1.2.9-8.1.2           base
xmlsec1-openssl-devel.x86_64          1.2.9-8.1.2           base
[root@server~]#

11
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-18, 11:52:48 »
Inform here 'acme.sh --help; cat /var/log/acme.sh/acme.sh.log'.

Code: [Select]
[root@server~]# acme.sh --help; cat /var/log/acme.sh/acme.sh.log
https://github.com/Neilpang/acme.sh
v2.2.4
Usage: acme.sh  command ...[parameters]....
Commands:
  --help, -h               Show this help message.
  --version, -v            Show version info.
  --install                Install acme.sh to your system.
  --uninstall              Uninstall acme.sh, and uninstall the cron job.
  --issue                  Issue a cert.
  --installcert            Install the issued cert to apache/nginx or any other                                                                                                                                server.
  --renew, -r              Renew a cert.
  --renewAll               Renew all the certs
  --revoke                 Revoke a cert.
  --installcronjob         Install the cron job to renew certs, you don't need t                                                                                                                               o call this. The 'install' command can automatically install the cron job.
  --uninstallcronjob       Uninstall the cron job. The 'uninstall' command can d                                                                                                                               o this automatically.
  --cron                   Run cron job to renew all the certs.
  --toPkcs                 Export the certificate and key to a pfx file.
  --createAccountKey, -cak Create an account private key, professional use.
  --createDomainKey, -cdk  Create an domain private key, professional use.
  --createCSR, -ccsr       Create CSR , professional use.

Parameters:
  --domain, -d   domain.tld         Specifies a domain, used to issue, renew or                                                                                                                                revoke etc.
  --force, -f                       Used to force to install or force to renew a                                                                                                                                cert immediately.
  --staging, --test                 Use staging server, just for test.
  --debug                           Output debug info.

  --webroot, -w  /path/to/webroot   Specifies the web root folder for web root m                                                                                                                               ode.
  --standalone                      Use standalone mode.
  --apache                          Use apache mode.
  --dns [dns_cf|dns_dp|dns_cx|/path/to/api/file]   Use dns mode or dns api.

  --keylength, -k [2048]            Specifies the domain key length: 2048, 3072,                                                                                                                                4096, 8192 or ec-256, ec-384.
  --accountkeylength, -ak [2048]    Specifies the account key length.

  These parameters are to install the cert to nginx/apache or anyother server af                                                                                                                               ter issue/renew a cert:

  --certpath /path/to/real/cert/file  After issue/renew, the cert will be copied                                                                                                                                to this path.
  --keypath /path/to/real/key/file  After issue/renew, the key will be copied to                                                                                                                                this path.
  --capath /path/to/real/ca/file    After issue/renew, the intermediate cert wil                                                                                                                               l be copied to this path.
  --fullchainpath /path/to/fullchain/file After issue/renew, the fullchain cert                                                                                                                                will be copied to this path.

  --reloadcmd "service nginx reload" After issue/renew, it's used to reload the                                                                                                                                server.

  --accountconf                     Specifies a customized account config file.
  --home                            Specifies the home dir for acme.sh .
  --certhome                        Specifies the home dir to save all the certs                                                                                                                               .
  --useragent                       Specifies the user agent string. it will be                                                                                                                                saved for future use too.
  --accountemail                    Specifies the account email for registering,                                                                                                                                Only valid for the '--install' command.
  --accountkey                      Specifies the account key path, Only valid f                                                                                                                               or the '--install' command.
  --days                            Specifies the days to renew the cert when us                                                                                                                               ing '--issue' command. The max value is 80 days.


[Wed May 18 11:55:15 EEST 2016] Skip register account key
[Wed May 18 11:55:15 EEST 2016] Creating csr
[Wed May 18 11:55:15 EEST 2016] Multi domain='DNS:www.******.**,DNS:cp.*****.**,DNS:webmail.*****.**'
unable to load Private Key
31489:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expec                                                                                                                               ting: ANY PRIVATE KEY
[Wed May 18 11:55:15 EEST 2016] Create CSR error.
[root@server~]#
acme.sh.log shows only last try :) It deletes old logs

12
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-18, 10:45:30 »
you can try to restart service like:
Code: [Select]
sh /script/restart-all y; sh /script/fix-all

Not helped.


Maybe I will give up, because now can't add ssl for new domains writes
Code: [Select]
Alert: Certificate key file emptyError log:
Code: [Select]
[Wed May 18 11:55:15 EEST 2016] Skip register account key
[Wed May 18 11:55:15 EEST 2016] Creating csr
[Wed May 18 11:55:15 EEST 2016] Multi domain='DNS:www.ubernemokamai.tk,DNS:cp.*****.**,DNS:webmail.*******.**'
unable to load Private Key
31489:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expecting: ANY PRIVATE KEY
[Wed May 18 11:55:15 EEST 2016] Create CSR error.

And for domains, server always takes SERVER PANEL (created new self-asign SSL, to replace lxlabs ssl which I mentioned above) ssl sertificate, but not letsencrypt sertificates. And here for me is main problem and I don't know what to do. Tried reboot, restart processes, /scripts/fix-all

13
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-17, 15:19:44 »
Don't need other action if create letsencrypt ssl via 'admin > domains > (select one) > ssl configure > add lets encrypt' or 'admin > clients > (select one) > domains > (select one) > ssl configure > add lets encrypt'


tried:

1. 'admin > clients > (select one) > domains > (select one) > ssl configure > add lets encrypt'
2. 'admin > clients > (select one) > clients > (select one) > domains > (select one) > ssl configure > add lets encrypt' (on reseler account other users :))



Tried different ways, but with https shows:
Code: [Select]
Subject *.lxlabs.com
Valid from 24/Feb/2006 to 24/Feb/2007
Issuer *.lxlabs.com

If I set here 'admin —> IP Addresses —> {Domain Configure}' domain name, then it works for that domain, but other not :)

14
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-17, 14:28:49 »
And one question. It is possible work with multiple domains but one IP?
Absolutely YES.
After successfully add ssl, is required to do anything to do? Going to domain with https shows not connection secured

15
Kloxo-MR Bugs and Requests / Re: letsencrypt installer fails
« on: 2016-05-16, 10:00:59 »
And one question. It is possible work with multiple domains but one IP?

Pages: [1] 2 3

MRatWork Affiliates:    BIGRAF(R) Inc.    House of LMAR    EFARgrafix
Click Here

Page created in 0.033 seconds with 17 queries.

web stats analysis