Jump to content
Froxlor Forum

MeinerEiner

Members
  • Posts

    66
  • Joined

  • Last visited

Recent Profile Visitors

1332 profile views

MeinerEiner's Achievements

Contributor

Contributor (5/14)

  • First Post
  • Collaborator Rare
  • Conversation Starter
  • Week One Done
  • One Month Later

Recent Badges

0

Reputation

  1. Hello, do we get soon a version of froxlor that fully supports php8.1 without deprecated warnings? PHP warning/error #8192 htmlentities(): Passing null to parameter #1 ($string) of type string is deprecated lib/Froxlor/PhpHelper.php:67
  2. Hello, i was unable to add a new domain with froxlor version 0.10.29.1. No own dns server is used, instead external 1.1.1.1 and 1.0.0.1 is used. I got an error: he domains DNS does not include any of the chosen IP addresses. Let's Encrypt certificate generation not possible. other domains that created before with version 0.10.28.x are working and in .acme/... certificates are created, also they are available in /etc/ssl/custom-froxlor. So what's happend? Setting the panel-domain tables entry for domian letsencrypt and run php /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug creates the certificates in /root/.acme.sh, but they are not present in /etc/ssl/custom-froxlor. Any suggestions?
  3. wrong key size... only 4096 supported not 8192. Sorry
  4. executing: /root/.acme.sh/acme.sh --issue -d xxxx.net --test -w /var/www/froxlor/ --debug leads to same result
  5. I started the cron job manually, same result: Verify error:The key authorization file from the server did not match this challenge Can you try to reproduce this on a testserver with a test domain? System: Debian Buster
  6. Ok... I'll do it. All files remove from: /var/www/froxlor/.well-known/acme-challenge delete folders /root/.acme.sh/[domain.tld] Now i'll wait 1h
  7. Acme.conf for Apache Alias "/.well-known/acme-challenge" "/var/www/froxlor/.well-known/acme-challenge" <Directory "/var/www/froxlor/.well-known/acme-challenge"> Require all granted </Directory>
  8. actual let's encrypt report: php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug [information] TasksCron: Searching for tasks to do [information] TasksCron: Task10 started - setting filesystem quota [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Requesting/renewing Let's Encrypt certificates [information] Creating certificate for xxxxxx.net [information] Adding SAN entry: xxxxxx.net [information] Adding SAN entry: www.xxxxxx.net [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Tue Apr 28 13:49:23 CEST 2020] Already uptodate! [Tue Apr 28 13:49:23 CEST 2020] Upgrade success! [Tue Apr 28 13:49:24 CEST 2020] Removing cron job [Tue Apr 28 13:49:24 CEST 2020] Lets find script dir. [Tue Apr 28 13:49:24 CEST 2020] _SCRIPT_='/root/.acme.sh/acme.sh' [Tue Apr 28 13:49:24 CEST 2020] _script='/root/.acme.sh/acme.sh' [Tue Apr 28 13:49:24 CEST 2020] _script_home='/root/.acme.sh' [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] Running cmd: issue [Tue Apr 28 13:49:24 CEST 2020] _main_domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _alt_domains='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] DOMAIN_PATH='/root/.acme.sh/xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] GET [Tue Apr 28 13:49:24 CEST 2020] url='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] timeout= [Tue Apr 28 13:49:24 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:24 CEST 2020] ret='0' [Tue Apr 28 13:49:24 CEST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_AUTHZ [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Tue Apr 28 13:49:24 CEST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Tue Apr 28 13:49:24 CEST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:49:24 CEST 2020] ACME_VERSION='2' [Tue Apr 28 13:49:24 CEST 2020] _on_before_issue [Tue Apr 28 13:49:24 CEST 2020] _chk_main_domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _chk_alt_domains='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Le_LocalAddress [Tue Apr 28 13:49:24 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Check for domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:24 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Check for domain='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:24 CEST 2020] d [Tue Apr 28 13:49:24 CEST 2020] _saved_account_key_hash is not changed, skip register account. [Tue Apr 28 13:49:24 CEST 2020] Read key length: [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] Use length 8192 [Tue Apr 28 13:49:24 CEST 2020] Using RSA: 8192 [Tue Apr 28 13:49:28 CEST 2020] _createcsr [Tue Apr 28 13:49:28 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] d [Tue Apr 28 13:49:28 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:28 CEST 2020] payload='{"identifiers": [{"type":"dns","value":"xxxxxx.net"},{"type":"dns","value":"www.xxxxxx.net"}]}' [Tue Apr 28 13:49:28 CEST 2020] RSA key [Tue Apr 28 13:49:28 CEST 2020] HEAD [Tue Apr 28 13:49:28 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:49:28 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g -I ' [Tue Apr 28 13:49:29 CEST 2020] _ret='0' [Tue Apr 28 13:49:29 CEST 2020] POST [Tue Apr 28 13:49:29 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:29 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:30 CEST 2020] _ret='0' [Tue Apr 28 13:49:30 CEST 2020] code='201' [Tue Apr 28 13:49:30 CEST 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/79147307/3162587417' [Tue Apr 28 13:49:30 CEST 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/79147307/3162587417' [Tue Apr 28 13:49:30 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150773' [Tue Apr 28 13:49:30 CEST 2020] payload [Tue Apr 28 13:49:30 CEST 2020] POST [Tue Apr 28 13:49:30 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150773' [Tue Apr 28 13:49:30 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:30 CEST 2020] _ret='0' [Tue Apr 28 13:49:30 CEST 2020] code='200' [Tue Apr 28 13:49:30 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150774' [Tue Apr 28 13:49:30 CEST 2020] payload [Tue Apr 28 13:49:31 CEST 2020] POST [Tue Apr 28 13:49:31 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150774' [Tue Apr 28 13:49:31 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:31 CEST 2020] _ret='0' [Tue Apr 28 13:49:31 CEST 2020] code='200' [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] _w='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw","token":"f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA"' [Tue Apr 28 13:49:31 CEST 2020] token='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] dvlist='xxxxxx.net#f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw#http-01#/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] _w='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA","token":"oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI"' [Tue Apr 28 13:49:31 CEST 2020] token='oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] dvlist='www.xxxxxx.net#oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA#http-01#/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] d [Tue Apr 28 13:49:31 CEST 2020] vlist='xxxxxx.net#f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw#http-01#/var/www/froxlor/,www.xxxxxx.net#oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA#http-01#/var/www/froxlor/,' [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] ok, let's start to verify [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] wellknown_path='/var/www/froxlor//.well-known/acme-challenge' [Tue Apr 28 13:49:31 CEST 2020] writing token:f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA to /var/www/froxlor//.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA [Tue Apr 28 13:49:31 CEST 2020] Changing owner/group of .well-known to froxlorlocal:froxlorlocal [Tue Apr 28 13:49:31 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] payload='{}' [Tue Apr 28 13:49:31 CEST 2020] POST [Tue Apr 28 13:49:31 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:32 CEST 2020] _ret='0' [Tue Apr 28 13:49:32 CEST 2020] code='200' [Tue Apr 28 13:49:32 CEST 2020] trigger validation code: 200 [Tue Apr 28 13:49:32 CEST 2020] sleep 2 secs to verify [Tue Apr 28 13:49:34 CEST 2020] checking [Tue Apr 28 13:49:34 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:34 CEST 2020] payload [Tue Apr 28 13:49:34 CEST 2020] POST [Tue Apr 28 13:49:34 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:34 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:35 CEST 2020] _ret='0' [Tue Apr 28 13:49:35 CEST 2020] code='200' [Tue Apr 28 13:49:35 CEST 2020] xxxxxx.net:Verify error:The key authorization file from the server did not match this challenge [Tue Apr 28 13:49:35 CEST 2020] Debug: get token url. [Tue Apr 28 13:49:35 CEST 2020] GET [Tue Apr 28 13:49:35 CEST 2020] url='http://xxxxxx.net/.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA' [Tue Apr 28 13:49:35 CEST 2020] timeout=1 [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g --connect-timeout 1' [Tue Apr 28 13:49:35 CEST 2020] ret='0' [Tue Apr 28 13:49:35 CEST 2020] Debugging, skip removing: /var/www/froxlor//.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA [Tue Apr 28 13:49:35 CEST 2020] pid [Tue Apr 28 13:49:35 CEST 2020] No need to restore nginx, skip. [Tue Apr 28 13:49:35 CEST 2020] _clearupdns [Tue Apr 28 13:49:35 CEST 2020] dns_entries [Tue Apr 28 13:49:35 CEST 2020] skip dns. [Tue Apr 28 13:49:35 CEST 2020] _on_issue_err [Tue Apr 28 13:49:35 CEST 2020] Please add '--debug' or '--log' to check more details. [Tue Apr 28 13:49:35 CEST 2020] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue Apr 28 13:49:35 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:35 CEST 2020] payload='{}' [Tue Apr 28 13:49:35 CEST 2020] POST [Tue Apr 28 13:49:35 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:35 CEST 2020] _ret='0' [Tue Apr 28 13:49:35 CEST 2020] code='400' [Tue Apr 28 13:49:35 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:35 CEST 2020] payload='{}' [Tue Apr 28 13:49:35 CEST 2020] POST [Tue Apr 28 13:49:35 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:36 CEST 2020] _ret='0' [Tue Apr 28 13:49:36 CEST 2020] code='200' [Tue Apr 28 13:49:36 CEST 2020] socat doesn't exists. [Tue Apr 28 13:49:36 CEST 2020] Diagnosis versions: openssl:openssl OpenSSL 1.1.1d 10 Sep 2019 apache: apache doesn't exists. nginx: nginx doesn't exists. socat: [debug] https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 13:49:24 CEST 2020] Creating domain key [Tue Apr 28 13:49:28 CEST 2020] The domain key is here: /root/.acme.sh/xxxxxx.net/xxxxxx.net.key [Tue Apr 28 13:49:28 CEST 2020] Multi domain='DNS:xxxxxx.net,DNS:www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Verifying: xxxxxx.net f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [error] Could not get Let's Encrypt certificate for xxxxxx.net: https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 13:49:24 CEST 2020] Creating domain key [Tue Apr 28 13:49:28 CEST 2020] The domain key is here: /root/.acme.sh/xxxxxx.net/xxxxxx.net.key [Tue Apr 28 13:49:28 CEST 2020] Multi domain='DNS:xxxxxxxxxxxx.net,DNS:www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Verifying: xxxxxx.net f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [information] No new certificates or certificates due for renewal found [information] apache::createIpPort: creating ip/port settings for xx.xxx.xxx.xxx:80 [notice] xx.xxx.xxx.xxx:80 :: namevirtualhost-statement no longer needed for apache-2.4 [debug] xx.xxx.xxx.xxx:80 :: inserted vhostcontainer [information] apache::createIpPort: creating ip/port settings for xx.xxx.xxx.xxx:443 [debug] xx.xxx.xxx.xxx:443 :: inserted vhostcontainer [information] apache::createVirtualHosts: creating vhost container for domain 10, customer aos [information] apache::createVirtualHosts: creating vhost container for domain 8, customer hassinger-j [information] apache::createVirtualHosts: creating vhost container for domain 7, customer kreiselm-a [information] apache::createVirtualHosts: creating vhost container for domain 5, customer weiss-a [information] apache::createVirtualHosts: creating vhost container for domain 4, customer wolf-t [information] apache::createVirtualHosts: creating vhost container for domain 11, customer coepto [information] apache::createVirtualHosts: creating vhost container for domain 13, customer coepto [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/ [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] Froxlor\Cron\Http\ApacheFcgi::reload: running service php7.3-fpm restart [information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi [notice] Creating passwd file [notice] Writing 8 entries to passwd file [notice] Succesfully wrote passwd file [notice] Creating group file [notice] Writing 6 entries to group file [notice] Succesfully wrote group file [notice] Creating shadow file [notice] Writing 8 entries to shadow file [notice] Succesfully wrote shadow file [notice] Checking system's last guid
  9. php errors are fixed... let's encrypt is still broken
  10. Ok php error fixed, by clicking ip and ports, save each ip and after that rebuild config. Seems something strange happens to vHost-Files
  11. I Still wait 4h to get new chance to request let's encrypt... There are many domains that needed to be renewed, but the failed requests matches the limit. So I decided to set let's encrypt job to once a day.
  12. Auszug aus --force --debug: [Tue Apr 28 13:01:41 CEST 2020] Lets find script dir. [Tue Apr 28 13:01:41 CEST 2020] _SCRIPT_='/root/.acme.sh/acme.sh' [Tue Apr 28 13:01:41 CEST 2020] _script='/root/.acme.sh/acme.sh' [Tue Apr 28 13:01:41 CEST 2020] _script_home='/root/.acme.sh' [Tue Apr 28 13:01:41 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:41 CEST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] Running cmd: issue [Tue Apr 28 13:01:41 CEST 2020] _main_domain='xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] _alt_domains='www.xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:41 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:41 CEST 2020] DOMAIN_PATH='/root/.acme.sh/xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] GET [Tue Apr 28 13:01:41 CEST 2020] url='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:41 CEST 2020] timeout= [Tue Apr 28 13:01:41 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:01:42 CEST 2020] ret='0' [Tue Apr 28 13:01:42 CEST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_AUTHZ [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Tue Apr 28 13:01:42 CEST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Tue Apr 28 13:01:42 CEST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:01:42 CEST 2020] ACME_VERSION='2' [Tue Apr 28 13:01:42 CEST 2020] Le_NextRenewTime [Tue Apr 28 13:01:42 CEST 2020] _on_before_issue [Tue Apr 28 13:01:42 CEST 2020] _chk_main_domain='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _chk_alt_domains='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Le_LocalAddress [Tue Apr 28 13:01:42 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Check for domain='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:01:42 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Check for domain='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:01:42 CEST 2020] d [Tue Apr 28 13:01:42 CEST 2020] _saved_account_key_hash is not changed, skip register account. [Tue Apr 28 13:01:42 CEST 2020] Read key length:8192 [Tue Apr 28 13:01:42 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:42 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:42 CEST 2020] Use length 8192 [Tue Apr 28 13:01:42 CEST 2020] Using RSA: 8192 [Tue Apr 28 13:01:46 CEST 2020] _createcsr [Tue Apr 28 13:01:46 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:01:46 CEST 2020] d [Tue Apr 28 13:01:46 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:46 CEST 2020] payload='{"identifiers": [{"type":"dns","value":"xxxxxx.net"},{"type":"dns","value":"www.xxxxxx.net"}]}' [Tue Apr 28 13:01:46 CEST 2020] RSA key [Tue Apr 28 13:01:46 CEST 2020] HEAD [Tue Apr 28 13:01:46 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:01:46 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g -I ' [Tue Apr 28 13:01:47 CEST 2020] _ret='0' [Tue Apr 28 13:01:47 CEST 2020] POST [Tue Apr 28 13:01:47 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:47 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:01:47 CEST 2020] _ret='0' [Tue Apr 28 13:01:47 CEST 2020] code='429' [Tue Apr 28 13:01:47 CEST 2020] Le_LinkOrder [Tue Apr 28 13:01:47 CEST 2020] Le_OrderFinalize [Tue Apr 28 13:01:47 CEST 2020] Create new order error. Le_OrderFinalize not found. { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/", "status": 429 } [Tue Apr 28 13:01:48 CEST 2020] pid [Tue Apr 28 13:01:48 CEST 2020] No need to restore nginx, skip. [Tue Apr 28 13:01:48 CEST 2020] _clearupdns [Tue Apr 28 13:01:48 CEST 2020] dns_entries [Tue Apr 28 13:01:48 CEST 2020] skip dns. [Tue Apr 28 13:01:48 CEST 2020] _on_issue_err [Tue Apr 28 13:01:48 CEST 2020] Please add '--debug' or '--log' to check more details. [Tue Apr 28 13:01:48 CEST 2020] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue Apr 28 13:01:48 CEST 2020] socat doesn't exists. [Tue Apr 28 13:01:48 CEST 2020] Diagnosis versions: openssl:openssl OpenSSL 1.1.1d 10 Sep 2019 apache: apache doesn't exists. nginx: nginx doesn't exists. socat:
  13. Hello, we have upgraded the systems to 0.10.15. Now lets encrypt is not working anymore for domains. Previous version 0.10.13 works well. I get this error from lets encrypt: { "type": "urn:ietf:params:acme:error:malformed", "detail": "Method not allowed", "status": 405 } [information] TasksCron: Searching for tasks to do [information] TasksCron: Task10 started - setting filesystem quota [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Requesting/renewing Let's Encrypt certificates [information] Creating certificate for xxxxx.net [information] Adding SAN entry: xxxxx.net [information] Adding SAN entry: www.xxxxx.net [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Tue Apr 28 11:31:18 CEST 2020] Already uptodate! [Tue Apr 28 11:31:18 CEST 2020] Upgrade success! [Tue Apr 28 11:31:18 CEST 2020] Removing cron job [debug] https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 11:31:19 CEST 2020] Creating domain key [Tue Apr 28 11:31:22 CEST 2020] The domain key is here: /root/.acme.sh/xxxxx.net/xxxxx.net.key [Tue Apr 28 11:31:22 CEST 2020] Multi domain='DNS:xxxxx.net,DNS:www.xxxxx.net' [Tue Apr 28 11:31:22 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='www.xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Verifying: xxxxx.net fqIIDl1N0TVk25kM3t8VF7NR-dFV1jUl1XF358An8K0.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [error] Could not get Let's Encrypt certificate for xxxxx.net: https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 11:31:19 CEST 2020] Creating domain key [Tue Apr 28 11:31:22 CEST 2020] The domain key is here: /root/.acme.sh/xxxxx.net/xxxxx.net.key [Tue Apr 28 11:31:22 CEST 2020] Multi domain='DNS:xxxxx.net,DNS:www.xxxxx.net' [Tue Apr 28 11:31:22 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='www.xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Verifying: xxxxx.net fqIIDl1N0TVk25kM3t8VF7NR-dFV1jUl1XF358An8K0.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 Settings: SSL Let's Encrypt enabled with 8192 key. Kind regards, Daniel
  14. Hello, PHP-FPM versions: System default -> default froxlor as described above (No overide deamon settings possible) PHP-CONFIGURATIONS: PHP-FPM config: System default Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts: is deactivated Override FPM-daemon settings (pm, max_children, etc.): is activated Process manager control (pm): dynamic The number of child processes: 1 The number of child processes created on startup: 20 The desired minimum number of idle server processes: 5 The desired maximum number of idle server processes: 35 Requests per child before respawning: 0 Idle Timeout: 30
×
×
  • Create New...