Jump to content
Froxlor Forum

MeinerEiner

Members
  • Posts

    66
  • Joined

  • Last visited

Everything posted by MeinerEiner

  1. Hello, do we get soon a version of froxlor that fully supports php8.1 without deprecated warnings? PHP warning/error #8192 htmlentities(): Passing null to parameter #1 ($string) of type string is deprecated lib/Froxlor/PhpHelper.php:67
  2. Hello, i was unable to add a new domain with froxlor version 0.10.29.1. No own dns server is used, instead external 1.1.1.1 and 1.0.0.1 is used. I got an error: he domains DNS does not include any of the chosen IP addresses. Let's Encrypt certificate generation not possible. other domains that created before with version 0.10.28.x are working and in .acme/... certificates are created, also they are available in /etc/ssl/custom-froxlor. So what's happend? Setting the panel-domain tables entry for domian letsencrypt and run php /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug creates the certificates in /root/.acme.sh, but they are not present in /etc/ssl/custom-froxlor. Any suggestions?
  3. wrong key size... only 4096 supported not 8192. Sorry
  4. executing: /root/.acme.sh/acme.sh --issue -d xxxx.net --test -w /var/www/froxlor/ --debug leads to same result
  5. I started the cron job manually, same result: Verify error:The key authorization file from the server did not match this challenge Can you try to reproduce this on a testserver with a test domain? System: Debian Buster
  6. Ok... I'll do it. All files remove from: /var/www/froxlor/.well-known/acme-challenge delete folders /root/.acme.sh/[domain.tld] Now i'll wait 1h
  7. Acme.conf for Apache Alias "/.well-known/acme-challenge" "/var/www/froxlor/.well-known/acme-challenge" <Directory "/var/www/froxlor/.well-known/acme-challenge"> Require all granted </Directory>
  8. actual let's encrypt report: php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug [information] TasksCron: Searching for tasks to do [information] TasksCron: Task10 started - setting filesystem quota [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Requesting/renewing Let's Encrypt certificates [information] Creating certificate for xxxxxx.net [information] Adding SAN entry: xxxxxx.net [information] Adding SAN entry: www.xxxxxx.net [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Tue Apr 28 13:49:23 CEST 2020] Already uptodate! [Tue Apr 28 13:49:23 CEST 2020] Upgrade success! [Tue Apr 28 13:49:24 CEST 2020] Removing cron job [Tue Apr 28 13:49:24 CEST 2020] Lets find script dir. [Tue Apr 28 13:49:24 CEST 2020] _SCRIPT_='/root/.acme.sh/acme.sh' [Tue Apr 28 13:49:24 CEST 2020] _script='/root/.acme.sh/acme.sh' [Tue Apr 28 13:49:24 CEST 2020] _script_home='/root/.acme.sh' [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] Running cmd: issue [Tue Apr 28 13:49:24 CEST 2020] _main_domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _alt_domains='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] DOMAIN_PATH='/root/.acme.sh/xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:49:24 CEST 2020] GET [Tue Apr 28 13:49:24 CEST 2020] url='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] timeout= [Tue Apr 28 13:49:24 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:24 CEST 2020] ret='0' [Tue Apr 28 13:49:24 CEST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_AUTHZ [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Tue Apr 28 13:49:24 CEST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Tue Apr 28 13:49:24 CEST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:49:24 CEST 2020] ACME_VERSION='2' [Tue Apr 28 13:49:24 CEST 2020] _on_before_issue [Tue Apr 28 13:49:24 CEST 2020] _chk_main_domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _chk_alt_domains='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Le_LocalAddress [Tue Apr 28 13:49:24 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Check for domain='xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:24 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] Check for domain='www.xxxxxx.net' [Tue Apr 28 13:49:24 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:24 CEST 2020] d [Tue Apr 28 13:49:24 CEST 2020] _saved_account_key_hash is not changed, skip register account. [Tue Apr 28 13:49:24 CEST 2020] Read key length: [Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:49:24 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:49:24 CEST 2020] Use length 8192 [Tue Apr 28 13:49:24 CEST 2020] Using RSA: 8192 [Tue Apr 28 13:49:28 CEST 2020] _createcsr [Tue Apr 28 13:49:28 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] d [Tue Apr 28 13:49:28 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:28 CEST 2020] payload='{"identifiers": [{"type":"dns","value":"xxxxxx.net"},{"type":"dns","value":"www.xxxxxx.net"}]}' [Tue Apr 28 13:49:28 CEST 2020] RSA key [Tue Apr 28 13:49:28 CEST 2020] HEAD [Tue Apr 28 13:49:28 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:49:28 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g -I ' [Tue Apr 28 13:49:29 CEST 2020] _ret='0' [Tue Apr 28 13:49:29 CEST 2020] POST [Tue Apr 28 13:49:29 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:49:29 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:30 CEST 2020] _ret='0' [Tue Apr 28 13:49:30 CEST 2020] code='201' [Tue Apr 28 13:49:30 CEST 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/79147307/3162587417' [Tue Apr 28 13:49:30 CEST 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/79147307/3162587417' [Tue Apr 28 13:49:30 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150773' [Tue Apr 28 13:49:30 CEST 2020] payload [Tue Apr 28 13:49:30 CEST 2020] POST [Tue Apr 28 13:49:30 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150773' [Tue Apr 28 13:49:30 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:30 CEST 2020] _ret='0' [Tue Apr 28 13:49:30 CEST 2020] code='200' [Tue Apr 28 13:49:30 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150774' [Tue Apr 28 13:49:30 CEST 2020] payload [Tue Apr 28 13:49:31 CEST 2020] POST [Tue Apr 28 13:49:31 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150774' [Tue Apr 28 13:49:31 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:31 CEST 2020] _ret='0' [Tue Apr 28 13:49:31 CEST 2020] code='200' [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] _w='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw","token":"f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA"' [Tue Apr 28 13:49:31 CEST 2020] token='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] dvlist='xxxxxx.net#f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw#http-01#/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] _w='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA","token":"oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI"' [Tue Apr 28 13:49:31 CEST 2020] token='oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] dvlist='www.xxxxxx.net#oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA#http-01#/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] d [Tue Apr 28 13:49:31 CEST 2020] vlist='xxxxxx.net#f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw#http-01#/var/www/froxlor/,www.xxxxxx.net#oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA#http-01#/var/www/froxlor/,' [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] ok, let's start to verify [Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] keyauthorization='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o' [Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:49:31 CEST 2020] wellknown_path='/var/www/froxlor//.well-known/acme-challenge' [Tue Apr 28 13:49:31 CEST 2020] writing token:f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA to /var/www/froxlor//.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA [Tue Apr 28 13:49:31 CEST 2020] Changing owner/group of .well-known to froxlorlocal:froxlorlocal [Tue Apr 28 13:49:31 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] payload='{}' [Tue Apr 28 13:49:31 CEST 2020] POST [Tue Apr 28 13:49:31 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:31 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:32 CEST 2020] _ret='0' [Tue Apr 28 13:49:32 CEST 2020] code='200' [Tue Apr 28 13:49:32 CEST 2020] trigger validation code: 200 [Tue Apr 28 13:49:32 CEST 2020] sleep 2 secs to verify [Tue Apr 28 13:49:34 CEST 2020] checking [Tue Apr 28 13:49:34 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:34 CEST 2020] payload [Tue Apr 28 13:49:34 CEST 2020] POST [Tue Apr 28 13:49:34 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:34 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:35 CEST 2020] _ret='0' [Tue Apr 28 13:49:35 CEST 2020] code='200' [Tue Apr 28 13:49:35 CEST 2020] xxxxxx.net:Verify error:The key authorization file from the server did not match this challenge [Tue Apr 28 13:49:35 CEST 2020] Debug: get token url. [Tue Apr 28 13:49:35 CEST 2020] GET [Tue Apr 28 13:49:35 CEST 2020] url='http://xxxxxx.net/.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA' [Tue Apr 28 13:49:35 CEST 2020] timeout=1 [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g --connect-timeout 1' [Tue Apr 28 13:49:35 CEST 2020] ret='0' [Tue Apr 28 13:49:35 CEST 2020] Debugging, skip removing: /var/www/froxlor//.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA [Tue Apr 28 13:49:35 CEST 2020] pid [Tue Apr 28 13:49:35 CEST 2020] No need to restore nginx, skip. [Tue Apr 28 13:49:35 CEST 2020] _clearupdns [Tue Apr 28 13:49:35 CEST 2020] dns_entries [Tue Apr 28 13:49:35 CEST 2020] skip dns. [Tue Apr 28 13:49:35 CEST 2020] _on_issue_err [Tue Apr 28 13:49:35 CEST 2020] Please add '--debug' or '--log' to check more details. [Tue Apr 28 13:49:35 CEST 2020] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue Apr 28 13:49:35 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:35 CEST 2020] payload='{}' [Tue Apr 28 13:49:35 CEST 2020] POST [Tue Apr 28 13:49:35 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw' [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:35 CEST 2020] _ret='0' [Tue Apr 28 13:49:35 CEST 2020] code='400' [Tue Apr 28 13:49:35 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:35 CEST 2020] payload='{}' [Tue Apr 28 13:49:35 CEST 2020] POST [Tue Apr 28 13:49:35 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA' [Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:49:36 CEST 2020] _ret='0' [Tue Apr 28 13:49:36 CEST 2020] code='200' [Tue Apr 28 13:49:36 CEST 2020] socat doesn't exists. [Tue Apr 28 13:49:36 CEST 2020] Diagnosis versions: openssl:openssl OpenSSL 1.1.1d 10 Sep 2019 apache: apache doesn't exists. nginx: nginx doesn't exists. socat: [debug] https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 13:49:24 CEST 2020] Creating domain key [Tue Apr 28 13:49:28 CEST 2020] The domain key is here: /root/.acme.sh/xxxxxx.net/xxxxxx.net.key [Tue Apr 28 13:49:28 CEST 2020] Multi domain='DNS:xxxxxx.net,DNS:www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Verifying: xxxxxx.net f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [error] Could not get Let's Encrypt certificate for xxxxxx.net: https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 13:49:24 CEST 2020] Creating domain key [Tue Apr 28 13:49:28 CEST 2020] The domain key is here: /root/.acme.sh/xxxxxx.net/xxxxxx.net.key [Tue Apr 28 13:49:28 CEST 2020] Multi domain='DNS:xxxxxxxxxxxx.net,DNS:www.xxxxxx.net' [Tue Apr 28 13:49:28 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='www.xxxxxx.net' [Tue Apr 28 13:49:31 CEST 2020] Verifying: xxxxxx.net f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [information] No new certificates or certificates due for renewal found [information] apache::createIpPort: creating ip/port settings for xx.xxx.xxx.xxx:80 [notice] xx.xxx.xxx.xxx:80 :: namevirtualhost-statement no longer needed for apache-2.4 [debug] xx.xxx.xxx.xxx:80 :: inserted vhostcontainer [information] apache::createIpPort: creating ip/port settings for xx.xxx.xxx.xxx:443 [debug] xx.xxx.xxx.xxx:443 :: inserted vhostcontainer [information] apache::createVirtualHosts: creating vhost container for domain 10, customer aos [information] apache::createVirtualHosts: creating vhost container for domain 8, customer hassinger-j [information] apache::createVirtualHosts: creating vhost container for domain 7, customer kreiselm-a [information] apache::createVirtualHosts: creating vhost container for domain 5, customer weiss-a [information] apache::createVirtualHosts: creating vhost container for domain 4, customer wolf-t [information] apache::createVirtualHosts: creating vhost container for domain 11, customer coepto [information] apache::createVirtualHosts: creating vhost container for domain 13, customer coepto [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/ [information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/ [information] Froxlor\Cron\Http\ApacheFcgi::reload: running service php7.3-fpm restart [information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi [notice] Creating passwd file [notice] Writing 8 entries to passwd file [notice] Succesfully wrote passwd file [notice] Creating group file [notice] Writing 6 entries to group file [notice] Succesfully wrote group file [notice] Creating shadow file [notice] Writing 8 entries to shadow file [notice] Succesfully wrote shadow file [notice] Checking system's last guid
  9. php errors are fixed... let's encrypt is still broken
  10. Ok php error fixed, by clicking ip and ports, save each ip and after that rebuild config. Seems something strange happens to vHost-Files
  11. I Still wait 4h to get new chance to request let's encrypt... There are many domains that needed to be renewed, but the failed requests matches the limit. So I decided to set let's encrypt job to once a day.
  12. Auszug aus --force --debug: [Tue Apr 28 13:01:41 CEST 2020] Lets find script dir. [Tue Apr 28 13:01:41 CEST 2020] _SCRIPT_='/root/.acme.sh/acme.sh' [Tue Apr 28 13:01:41 CEST 2020] _script='/root/.acme.sh/acme.sh' [Tue Apr 28 13:01:41 CEST 2020] _script_home='/root/.acme.sh' [Tue Apr 28 13:01:41 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:41 CEST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] Running cmd: issue [Tue Apr 28 13:01:41 CEST 2020] _main_domain='xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] _alt_domains='www.xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:41 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:41 CEST 2020] DOMAIN_PATH='/root/.acme.sh/xxxxxx.net' [Tue Apr 28 13:01:41 CEST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Tue Apr 28 13:01:41 CEST 2020] GET [Tue Apr 28 13:01:41 CEST 2020] url='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:41 CEST 2020] timeout= [Tue Apr 28 13:01:41 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:01:42 CEST 2020] ret='0' [Tue Apr 28 13:01:42 CEST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_AUTHZ [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Tue Apr 28 13:01:42 CEST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Tue Apr 28 13:01:42 CEST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:01:42 CEST 2020] ACME_VERSION='2' [Tue Apr 28 13:01:42 CEST 2020] Le_NextRenewTime [Tue Apr 28 13:01:42 CEST 2020] _on_before_issue [Tue Apr 28 13:01:42 CEST 2020] _chk_main_domain='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _chk_alt_domains='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Le_LocalAddress [Tue Apr 28 13:01:42 CEST 2020] d='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Check for domain='xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:01:42 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] Check for domain='www.xxxxxx.net' [Tue Apr 28 13:01:42 CEST 2020] _currentRoot='/var/www/froxlor/' [Tue Apr 28 13:01:42 CEST 2020] d [Tue Apr 28 13:01:42 CEST 2020] _saved_account_key_hash is not changed, skip register account. [Tue Apr 28 13:01:42 CEST 2020] Read key length:8192 [Tue Apr 28 13:01:42 CEST 2020] Using config home:/root/.acme.sh [Tue Apr 28 13:01:42 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Tue Apr 28 13:01:42 CEST 2020] Use length 8192 [Tue Apr 28 13:01:42 CEST 2020] Using RSA: 8192 [Tue Apr 28 13:01:46 CEST 2020] _createcsr [Tue Apr 28 13:01:46 CEST 2020] d='www.xxxxxx.net' [Tue Apr 28 13:01:46 CEST 2020] d [Tue Apr 28 13:01:46 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:46 CEST 2020] payload='{"identifiers": [{"type":"dns","value":"xxxxxx.net"},{"type":"dns","value":"www.xxxxxx.net"}]}' [Tue Apr 28 13:01:46 CEST 2020] RSA key [Tue Apr 28 13:01:46 CEST 2020] HEAD [Tue Apr 28 13:01:46 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Tue Apr 28 13:01:46 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g -I ' [Tue Apr 28 13:01:47 CEST 2020] _ret='0' [Tue Apr 28 13:01:47 CEST 2020] POST [Tue Apr 28 13:01:47 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Tue Apr 28 13:01:47 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Tue Apr 28 13:01:47 CEST 2020] _ret='0' [Tue Apr 28 13:01:47 CEST 2020] code='429' [Tue Apr 28 13:01:47 CEST 2020] Le_LinkOrder [Tue Apr 28 13:01:47 CEST 2020] Le_OrderFinalize [Tue Apr 28 13:01:47 CEST 2020] Create new order error. Le_OrderFinalize not found. { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/", "status": 429 } [Tue Apr 28 13:01:48 CEST 2020] pid [Tue Apr 28 13:01:48 CEST 2020] No need to restore nginx, skip. [Tue Apr 28 13:01:48 CEST 2020] _clearupdns [Tue Apr 28 13:01:48 CEST 2020] dns_entries [Tue Apr 28 13:01:48 CEST 2020] skip dns. [Tue Apr 28 13:01:48 CEST 2020] _on_issue_err [Tue Apr 28 13:01:48 CEST 2020] Please add '--debug' or '--log' to check more details. [Tue Apr 28 13:01:48 CEST 2020] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Tue Apr 28 13:01:48 CEST 2020] socat doesn't exists. [Tue Apr 28 13:01:48 CEST 2020] Diagnosis versions: openssl:openssl OpenSSL 1.1.1d 10 Sep 2019 apache: apache doesn't exists. nginx: nginx doesn't exists. socat:
  13. Hello, we have upgraded the systems to 0.10.15. Now lets encrypt is not working anymore for domains. Previous version 0.10.13 works well. I get this error from lets encrypt: { "type": "urn:ietf:params:acme:error:malformed", "detail": "Method not allowed", "status": 405 } [information] TasksCron: Searching for tasks to do [information] TasksCron: Task10 started - setting filesystem quota [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Requesting/renewing Let's Encrypt certificates [information] Creating certificate for xxxxx.net [information] Adding SAN entry: xxxxx.net [information] Adding SAN entry: www.xxxxx.net [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Tue Apr 28 11:31:18 CEST 2020] Already uptodate! [Tue Apr 28 11:31:18 CEST 2020] Upgrade success! [Tue Apr 28 11:31:18 CEST 2020] Removing cron job [debug] https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 11:31:19 CEST 2020] Creating domain key [Tue Apr 28 11:31:22 CEST 2020] The domain key is here: /root/.acme.sh/xxxxx.net/xxxxx.net.key [Tue Apr 28 11:31:22 CEST 2020] Multi domain='DNS:xxxxx.net,DNS:www.xxxxx.net' [Tue Apr 28 11:31:22 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='www.xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Verifying: xxxxx.net fqIIDl1N0TVk25kM3t8VF7NR-dFV1jUl1XF358An8K0.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 [error] Could not get Let's Encrypt certificate for xxxxx.net: https://github.com/acmesh-official/acme.sh v2.8.6 [Tue Apr 28 11:31:19 CEST 2020] Creating domain key [Tue Apr 28 11:31:22 CEST 2020] The domain key is here: /root/.acme.sh/xxxxx.net/xxxxx.net.key [Tue Apr 28 11:31:22 CEST 2020] Multi domain='DNS:xxxxx.net,DNS:www.xxxxx.net' [Tue Apr 28 11:31:22 CEST 2020] Getting domain auth token for each domain [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='www.xxxxx.net' [Tue Apr 28 11:31:25 CEST 2020] Verifying: xxxxx.net fqIIDl1N0TVk25kM3t8VF7NR-dFV1jUl1XF358An8K0.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8 Settings: SSL Let's Encrypt enabled with 8192 key. Kind regards, Daniel
  14. Hello, PHP-FPM versions: System default -> default froxlor as described above (No overide deamon settings possible) PHP-CONFIGURATIONS: PHP-FPM config: System default Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts: is deactivated Override FPM-daemon settings (pm, max_children, etc.): is activated Process manager control (pm): dynamic The number of child processes: 1 The number of child processes created on startup: 20 The desired minimum number of idle server processes: 5 The desired maximum number of idle server processes: 35 Requests per child before respawning: 0 Idle Timeout: 30
  15. Hello, System: Debian Buster with Froxlor 0.10.12, PHP7.3 and activated php-fpm Settings php-fpm: Process manager control (pm): dynamic The number of child processes: 1 The number of child processes created on startup: 20 The desired minimum number of idle server processes: 5 The desired maximum number of idle server processes: 35 Requests per child before respawning: 0 Idle Timeout: 30 Now rebuild config for domains and the files in /etc/php/7.3/fpm/pool.d contains following php-fpm settings: pm = dynamic pm.max_children = 1 pm.start_servers = 1 pm.min_spare_servers = 1 pm.max_spare_servers = 1 pm.max_requests = 0 request_terminate_timeout = 60s request_slowlog_timeout = 5s so the values are not the configured ones. Did i do something wrong? Php-fpm values are not overriden in custom php-config for domains.
  16. Strange things happend. With current version 0.10.11 it is working without changes. I created that customer with 0.9.x and migrate to 0.10.x so something must happend before. But now it is working thanks alot.
  17. Hello, today I got from a customer a call he cannot Upload files in Wordpress. After a little search I saw if you create a new customer an a php tmp dir was created, the owner of the temp folder is froxlorlocal and not the new created user. So you cannot upload things via php. Is this a bug or do I still missed a setting? Environment: Debian Buster apache with PHP 7.3 with PHP-FPM Froxlor 0.10.11 Kind regards
  18. Hello, We migrated all our froxlor (0.10.10) debian buster systems to MySql 8.x. MySql 8.x Authentication method (authentication plugin is enabled). Everything seems to work, but if you create a sql database with user for a customer, it is stored in database correctly. But if you want to login with the new created user, authentication failed. I have to reset password with phpMyAdmin and use Native MySql authentication. Is the new authentication method supported by froxlor or do we need to set MySql authentication to Native MySql authentication (In froxlor frontend we set security options to password-crypt to SHA-512)? default-authentication-plugin=mysql_native_password
  19. Hello, thanks, so I reset the crojob settings to default for traffic and diskspace. Also delete all data for traffic and diskspace with reset autoincrement to 1. Now it feels like smoother and quicker. Do you calculate the stats while opening the customers live? DELETE FROM `panel_traffic`; ALTER TABLE `panel_traffic` AUTO_INCREMENT = 1; DELETE FROM `panel_traffic_admins`; ALTER TABLE `panel_diskspace` AUTO_INCREMENT = 1; DELETE FROM `panel_diskspace`; ALTER TABLE `panel_diskspace` AUTO_INCREMENT = 1; DELETE FROM `panel_diskspace`; ALTER TABLE `panel_diskspace_admins` AUTO_INCREMENT = 1; Click on traffic detail still ends in a exception. So I will open an issue at git for your. Once o rethink about traffic and diskspace calculations (collect multiple times, for example 1 Minute and it is gruped per day) and once for the exception on traffic details.
  20. Hello, we have froxlor since 2016 (current version 0.10.9, debian buster, mysql 8.x) and we log every minute the traffic. The table panel_traffic is very huge. So if you sign in as admin and open the customers the response is round about 2-4 minutes. We check with top and mysql consume everything of cpu power that is available (8 cores). Does any one else have same problems? Query result 1 Page to last Page Showing rows 8392875 - 8392897 (8392898 total, Query took 21.7778 seconds.) Login as admin and look on traffic, takes also long time. clicking on details ends in exception: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'DESC, `month` DESC LIMIT 12' at line 4 Login as customer and click on traffic: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'DESC, `month` DESC LIMIT 12' at line 4
  21. Hello, we upgrade to latest froxlor 0.10.0 and I try to test it on our testserver. New Customer, new Domain, login as customer -> Email Adress 1. Create email-address => OK 2. Creat aacount for new created email address and no Alternative e-mail-address is defined => Error: Email-address contains invalid characters or is incomplete If you define a altenative E-Mail-address everything works fine. Depends this behavior on a2f-option?
×
×
  • Create New...