[Update 2.0.21 to 2.0.22 failed Sql Exception]

It is working with version 2.0.23! Thank's alot.

[Update 2.0.21 to 2.0.22 failed Sql Exception]

So, it seems to be fixed. Is there a new release planned with that fix? And yes we have a multiple running systems with customers.

[Update 2.0.21 to 2.0.22 failed Sql Exception]

Hello,

 

I try to upgrade froxlor to 2.0.22. The previous version was 2.0.21. The update is successful. Login page is display normal. After login I get an error:

Uncaught exception
500 SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND `d`.`email_only` = '0' AND `d`.`id` NOT IN ()' at line 3

#0 /var/www/froxlor/lib/Froxlor/Database/Database.php(124): Froxlor\Database\Database::showerror()
#1 /var/www/froxlor/lib/Froxlor/Database/Database.php(102): Froxlor\Database\Database::pexecute()
#2 /var/www/froxlor/lib/Froxlor/Api/Commands/SubDomains.php(1074): Froxlor\Database\Database::pexecute_first()
#3 /var/www/froxlor/lib/Froxlor/UI/Collection.php(132): Froxlor\Api\Commands\SubDomains->listingCount()
#4 /var/www/froxlor/lib/Froxlor/CurrentUser.php(156): Froxlor\UI\Collection->count()
#5 /var/www/froxlor/lib/navigation/00.froxlor.main.php(84): Froxlor\CurrentUser::canAddResource()
#6 /var/www/froxlor/lib/Froxlor/PhpHelper.php(235): include('...')
#7 /var/www/froxlor/lib/init.php(271): Froxlor\PhpHelper::loadConfigArrayDir()
#8 /var/www/froxlor/admin_index.php(27): require('...')
#9 {main}

System Debian Bookworm

Serversoftware
Apache/2.4.57 (Debian)
PHP-Version 8.2.9
MySQL server version 8.0.34
Webserver interface FPM-FCGI
Kernel 6.1.0-11-amd64 (x86_64)

Any suggestions

[froxlor 0.10.33 and php 8.1, deprecated warnings]

Hello,

do we get soon a version of froxlor that fully supports php8.1 without deprecated warnings?

PHP warning/error
#8192 htmlentities(): Passing null to parameter #1 ($string) of type string is deprecated
lib/Froxlor/PhpHelper.php:67

 

[Froxlor 0.10.29.1 (DB: 202109040) New domain no letsencrypt => error!]

Hello,

 

i was unable to add a new domain with froxlor version 0.10.29.1. No own dns server is used, instead external 1.1.1.1 and 1.0.0.1 is used. I got an error:

he domains DNS does not include any of the chosen IP addresses. Let's Encrypt certificate generation not possible.

other domains that created before with version 0.10.28.x are working and in .acme/... certificates are created, also they are available in /etc/ssl/custom-froxlor. So what's happend?

Setting the panel-domain tables entry for domian letsencrypt and run

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug

creates the certificates in /root/.acme.sh, but they are not present in /etc/ssl/custom-froxlor.

 

Any suggestions?

[Let's Encrypt not working any longer]

wrong key size... only 4096 supported not 8192. Sorry

 

[Let's Encrypt not working any longer]

executing:

 /root/.acme.sh/acme.sh --issue -d  xxxx.net --test -w /var/www/froxlor/ --debug

leads to same result
 

[Let's Encrypt not working any longer]

I started the cron job manually, same result:

Verify error:The key authorization file from the server did not match this challenge
 

Can you try to reproduce this on a testserver with a test domain?

System: Debian Buster

[Let's Encrypt not working any longer]

Ok... I'll do it.

All files remove from:

/var/www/froxlor/.well-known/acme-challenge

delete folders

/root/.acme.sh/[domain.tld]

 

Now i'll wait 1h

 

 

[Let's Encrypt not working any longer]

Acme.conf for Apache

Alias "/.well-known/acme-challenge" "/var/www/froxlor/.well-known/acme-challenge"
<Directory "/var/www/froxlor/.well-known/acme-challenge">
	Require all granted
</Directory>

 

[Let's Encrypt not working any longer]

actual let's encrypt report:

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] TasksCron: Task10 started - setting filesystem quota
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting/renewing Let's Encrypt certificates
[information] Creating certificate for xxxxxx.net
[information] Adding SAN entry: xxxxxx.net
[information] Adding SAN entry: www.xxxxxx.net
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Tue Apr 28 13:49:23 CEST 2020] Already uptodate!
[Tue Apr 28 13:49:23 CEST 2020] Upgrade success!
[Tue Apr 28 13:49:24 CEST 2020] Removing cron job
[Tue Apr 28 13:49:24 CEST 2020] Lets find script dir.
[Tue Apr 28 13:49:24 CEST 2020] _SCRIPT_='/root/.acme.sh/acme.sh'
[Tue Apr 28 13:49:24 CEST 2020] _script='/root/.acme.sh/acme.sh'
[Tue Apr 28 13:49:24 CEST 2020] _script_home='/root/.acme.sh'
[Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh
[Tue Apr 28 13:49:24 CEST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory
[Tue Apr 28 13:49:24 CEST 2020] Running cmd: issue
[Tue Apr 28 13:49:24 CEST 2020] _main_domain='xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] _alt_domains='www.xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh
[Tue Apr 28 13:49:24 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Tue Apr 28 13:49:24 CEST 2020] DOMAIN_PATH='/root/.acme.sh/xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Tue Apr 28 13:49:24 CEST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Tue Apr 28 13:49:24 CEST 2020] GET
[Tue Apr 28 13:49:24 CEST 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Tue Apr 28 13:49:24 CEST 2020] timeout=
[Tue Apr 28 13:49:24 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:49:24 CEST 2020] ret='0'
[Tue Apr 28 13:49:24 CEST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_AUTHZ
[Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Tue Apr 28 13:49:24 CEST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Tue Apr 28 13:49:24 CEST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Tue Apr 28 13:49:24 CEST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Tue Apr 28 13:49:24 CEST 2020] ACME_VERSION='2'
[Tue Apr 28 13:49:24 CEST 2020] _on_before_issue
[Tue Apr 28 13:49:24 CEST 2020] _chk_main_domain='xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] _chk_alt_domains='www.xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] Le_LocalAddress
[Tue Apr 28 13:49:24 CEST 2020] d='xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] Check for domain='xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] _currentRoot='/var/www/froxlor/'
[Tue Apr 28 13:49:24 CEST 2020] d='www.xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] Check for domain='www.xxxxxx.net'
[Tue Apr 28 13:49:24 CEST 2020] _currentRoot='/var/www/froxlor/'
[Tue Apr 28 13:49:24 CEST 2020] d
[Tue Apr 28 13:49:24 CEST 2020] _saved_account_key_hash is not changed, skip register account.
[Tue Apr 28 13:49:24 CEST 2020] Read key length:
[Tue Apr 28 13:49:24 CEST 2020] Using config home:/root/.acme.sh
[Tue Apr 28 13:49:24 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Tue Apr 28 13:49:24 CEST 2020] Use length 8192
[Tue Apr 28 13:49:24 CEST 2020] Using RSA: 8192
[Tue Apr 28 13:49:28 CEST 2020] _createcsr
[Tue Apr 28 13:49:28 CEST 2020] d='www.xxxxxx.net'
[Tue Apr 28 13:49:28 CEST 2020] d
[Tue Apr 28 13:49:28 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Apr 28 13:49:28 CEST 2020] payload='{"identifiers": [{"type":"dns","value":"xxxxxx.net"},{"type":"dns","value":"www.xxxxxx.net"}]}'
[Tue Apr 28 13:49:28 CEST 2020] RSA key
[Tue Apr 28 13:49:28 CEST 2020] HEAD
[Tue Apr 28 13:49:28 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Tue Apr 28 13:49:28 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g  -I  '
[Tue Apr 28 13:49:29 CEST 2020] _ret='0'
[Tue Apr 28 13:49:29 CEST 2020] POST
[Tue Apr 28 13:49:29 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Apr 28 13:49:29 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:49:30 CEST 2020] _ret='0'
[Tue Apr 28 13:49:30 CEST 2020] code='201'
[Tue Apr 28 13:49:30 CEST 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/79147307/3162587417'
[Tue Apr 28 13:49:30 CEST 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/79147307/3162587417'
[Tue Apr 28 13:49:30 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150773'
[Tue Apr 28 13:49:30 CEST 2020] payload
[Tue Apr 28 13:49:30 CEST 2020] POST
[Tue Apr 28 13:49:30 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150773'
[Tue Apr 28 13:49:30 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:49:30 CEST 2020] _ret='0'
[Tue Apr 28 13:49:30 CEST 2020] code='200'
[Tue Apr 28 13:49:30 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150774'
[Tue Apr 28 13:49:30 CEST 2020] payload
[Tue Apr 28 13:49:31 CEST 2020] POST
[Tue Apr 28 13:49:31 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/4232150774'
[Tue Apr 28 13:49:31 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:49:31 CEST 2020] _ret='0'
[Tue Apr 28 13:49:31 CEST 2020] code='200'
[Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] _w='/var/www/froxlor/'
[Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/'
[Tue Apr 28 13:49:31 CEST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw","token":"f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA"'
[Tue Apr 28 13:49:31 CEST 2020] token='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA'
[Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw'
[Tue Apr 28 13:49:31 CEST 2020] keyauthorization='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o'
[Tue Apr 28 13:49:31 CEST 2020] dvlist='xxxxxx.net#f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw#http-01#/var/www/froxlor/'
[Tue Apr 28 13:49:31 CEST 2020] d='www.xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] _w='/var/www/froxlor/'
[Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/'
[Tue Apr 28 13:49:31 CEST 2020] entry='"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA","token":"oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI"'
[Tue Apr 28 13:49:31 CEST 2020] token='oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI'
[Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA'
[Tue Apr 28 13:49:31 CEST 2020] keyauthorization='oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o'
[Tue Apr 28 13:49:31 CEST 2020] dvlist='www.xxxxxx.net#oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA#http-01#/var/www/froxlor/'
[Tue Apr 28 13:49:31 CEST 2020] d
[Tue Apr 28 13:49:31 CEST 2020] vlist='xxxxxx.net#f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw#http-01#/var/www/froxlor/,www.xxxxxx.net#oi8ltqdZue00Em0kmQ57hnUJB0JQ30RjtoiaWP5q8WI._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o#https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA#http-01#/var/www/froxlor/,'
[Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] d='www.xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] ok, let's start to verify
[Tue Apr 28 13:49:31 CEST 2020] d='xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] keyauthorization='f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA._0UBaqs6gYd8N7BPCo6VAUJnXDQV1-V4eQyRKh1rT3o'
[Tue Apr 28 13:49:31 CEST 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw'
[Tue Apr 28 13:49:31 CEST 2020] _currentRoot='/var/www/froxlor/'
[Tue Apr 28 13:49:31 CEST 2020] wellknown_path='/var/www/froxlor//.well-known/acme-challenge'
[Tue Apr 28 13:49:31 CEST 2020] writing token:f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA to /var/www/froxlor//.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA
[Tue Apr 28 13:49:31 CEST 2020] Changing owner/group of .well-known to froxlorlocal:froxlorlocal
[Tue Apr 28 13:49:31 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw'
[Tue Apr 28 13:49:31 CEST 2020] payload='{}'
[Tue Apr 28 13:49:31 CEST 2020] POST
[Tue Apr 28 13:49:31 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw'
[Tue Apr 28 13:49:31 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:49:32 CEST 2020] _ret='0'
[Tue Apr 28 13:49:32 CEST 2020] code='200'
[Tue Apr 28 13:49:32 CEST 2020] trigger validation code: 200
[Tue Apr 28 13:49:32 CEST 2020] sleep 2 secs to verify
[Tue Apr 28 13:49:34 CEST 2020] checking
[Tue Apr 28 13:49:34 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw'
[Tue Apr 28 13:49:34 CEST 2020] payload
[Tue Apr 28 13:49:34 CEST 2020] POST
[Tue Apr 28 13:49:34 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw'
[Tue Apr 28 13:49:34 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:49:35 CEST 2020] _ret='0'
[Tue Apr 28 13:49:35 CEST 2020] code='200'
[Tue Apr 28 13:49:35 CEST 2020] xxxxxx.net:Verify error:The key authorization file from the server did not match this challenge
[Tue Apr 28 13:49:35 CEST 2020] Debug: get token url.
[Tue Apr 28 13:49:35 CEST 2020] GET
[Tue Apr 28 13:49:35 CEST 2020] url='http://xxxxxx.net/.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA'
[Tue Apr 28 13:49:35 CEST 2020] timeout=1
[Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g  --connect-timeout 1'
[Tue Apr 28 13:49:35 CEST 2020] ret='0'
[Tue Apr 28 13:49:35 CEST 2020] Debugging, skip removing: /var/www/froxlor//.well-known/acme-challenge/f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA
[Tue Apr 28 13:49:35 CEST 2020] pid
[Tue Apr 28 13:49:35 CEST 2020] No need to restore nginx, skip.
[Tue Apr 28 13:49:35 CEST 2020] _clearupdns
[Tue Apr 28 13:49:35 CEST 2020] dns_entries
[Tue Apr 28 13:49:35 CEST 2020] skip dns.
[Tue Apr 28 13:49:35 CEST 2020] _on_issue_err
[Tue Apr 28 13:49:35 CEST 2020] Please add '--debug' or '--log' to check more details.
[Tue Apr 28 13:49:35 CEST 2020] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Tue Apr 28 13:49:35 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw'
[Tue Apr 28 13:49:35 CEST 2020] payload='{}'
[Tue Apr 28 13:49:35 CEST 2020] POST
[Tue Apr 28 13:49:35 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150773/YwkLNw'
[Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:49:35 CEST 2020] _ret='0'
[Tue Apr 28 13:49:35 CEST 2020] code='400'
[Tue Apr 28 13:49:35 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA'
[Tue Apr 28 13:49:35 CEST 2020] payload='{}'
[Tue Apr 28 13:49:35 CEST 2020] POST
[Tue Apr 28 13:49:35 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/4232150774/iJIjTA'
[Tue Apr 28 13:49:35 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:49:36 CEST 2020] _ret='0'
[Tue Apr 28 13:49:36 CEST 2020] code='200'
[Tue Apr 28 13:49:36 CEST 2020] socat doesn't exists.
[Tue Apr 28 13:49:36 CEST 2020] Diagnosis versions:
openssl:openssl
OpenSSL 1.1.1d  10 Sep 2019
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
[debug] https://github.com/acmesh-official/acme.sh
v2.8.6
[Tue Apr 28 13:49:24 CEST 2020] Creating domain key
[Tue Apr 28 13:49:28 CEST 2020] The domain key is here: /root/.acme.sh/xxxxxx.net/xxxxxx.net.key
[Tue Apr 28 13:49:28 CEST 2020] Multi domain='DNS:xxxxxx.net,DNS:www.xxxxxx.net'
[Tue Apr 28 13:49:28 CEST 2020] Getting domain auth token for each domain
[Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='www.xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] Verifying: xxxxxx.net
f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8
[error] Could not get Let's Encrypt certificate for xxxxxx.net:
https://github.com/acmesh-official/acme.sh
v2.8.6
[Tue Apr 28 13:49:24 CEST 2020] Creating domain key
[Tue Apr 28 13:49:28 CEST 2020] The domain key is here: /root/.acme.sh/xxxxxx.net/xxxxxx.net.key
[Tue Apr 28 13:49:28 CEST 2020] Multi domain='DNS:xxxxxxxxxxxx.net,DNS:www.xxxxxx.net'
[Tue Apr 28 13:49:28 CEST 2020] Getting domain auth token for each domain
[Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] Getting webroot for domain='www.xxxxxx.net'
[Tue Apr 28 13:49:31 CEST 2020] Verifying: xxxxxx.net
f7GaM0d-Nbsm_tgb5l71q_gsjFQzsZJaCSa1IE1MroA.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8
[information] No new certificates or certificates due for renewal found
[information] apache::createIpPort: creating ip/port settings for  xx.xxx.xxx.xxx:80
[notice] xx.xxx.xxx.xxx:80 :: namevirtualhost-statement no longer needed for apache-2.4
[debug] xx.xxx.xxx.xxx:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  xx.xxx.xxx.xxx:443
[debug] xx.xxx.xxx.xxx:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 10, customer aos
[information] apache::createVirtualHosts: creating vhost container for domain 8, customer hassinger-j
[information] apache::createVirtualHosts: creating vhost container for domain 7, customer kreiselm-a
[information] apache::createVirtualHosts: creating vhost container for domain 5, customer weiss-a
[information] apache::createVirtualHosts: creating vhost container for domain 4, customer wolf-t
[information] apache::createVirtualHosts: creating vhost container for domain 11, customer coepto
[information] apache::createVirtualHosts: creating vhost container for domain 13, customer coepto
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: running service php7.3-fpm restart
[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
[notice] Creating passwd file
[notice] Writing 8 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 6 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 8 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid
 

[Let's Encrypt not working any longer]

php errors are fixed...

let's encrypt is still broken

[Let's Encrypt not working any longer]

Ok php error fixed, by clicking ip and ports, save each ip and after that rebuild config.

Seems something strange happens to vHost-Files

[Let's Encrypt not working any longer]

I Still wait 4h to get new chance to request let's encrypt...

There are many domains that needed to be renewed, but the failed requests matches the limit. So I decided to set let's encrypt job to once a day.

[Let's Encrypt not working any longer]

Auszug aus --force --debug:

[Tue Apr 28 13:01:41 CEST 2020] Lets find script dir.
[Tue Apr 28 13:01:41 CEST 2020] _SCRIPT_='/root/.acme.sh/acme.sh'
[Tue Apr 28 13:01:41 CEST 2020] _script='/root/.acme.sh/acme.sh'
[Tue Apr 28 13:01:41 CEST 2020] _script_home='/root/.acme.sh'
[Tue Apr 28 13:01:41 CEST 2020] Using config home:/root/.acme.sh
[Tue Apr 28 13:01:41 CEST 2020] Using server: https://acme-v02.api.letsencrypt.org/directory
[Tue Apr 28 13:01:41 CEST 2020] Running cmd: issue
[Tue Apr 28 13:01:41 CEST 2020] _main_domain='xxxxxx.net'
[Tue Apr 28 13:01:41 CEST 2020] _alt_domains='www.xxxxxx.net'
[Tue Apr 28 13:01:41 CEST 2020] Using config home:/root/.acme.sh
[Tue Apr 28 13:01:41 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Tue Apr 28 13:01:41 CEST 2020] DOMAIN_PATH='/root/.acme.sh/xxxxxx.net'
[Tue Apr 28 13:01:41 CEST 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Tue Apr 28 13:01:41 CEST 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Tue Apr 28 13:01:41 CEST 2020] GET
[Tue Apr 28 13:01:41 CEST 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Tue Apr 28 13:01:41 CEST 2020] timeout=
[Tue Apr 28 13:01:41 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:01:42 CEST 2020] ret='0'
[Tue Apr 28 13:01:42 CEST 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_AUTHZ
[Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Tue Apr 28 13:01:42 CEST 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Tue Apr 28 13:01:42 CEST 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Tue Apr 28 13:01:42 CEST 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Tue Apr 28 13:01:42 CEST 2020] ACME_VERSION='2'
[Tue Apr 28 13:01:42 CEST 2020] Le_NextRenewTime
[Tue Apr 28 13:01:42 CEST 2020] _on_before_issue
[Tue Apr 28 13:01:42 CEST 2020] _chk_main_domain='xxxxxx.net'
[Tue Apr 28 13:01:42 CEST 2020] _chk_alt_domains='www.xxxxxx.net'
[Tue Apr 28 13:01:42 CEST 2020] Le_LocalAddress
[Tue Apr 28 13:01:42 CEST 2020] d='xxxxxx.net'
[Tue Apr 28 13:01:42 CEST 2020] Check for domain='xxxxxx.net'
[Tue Apr 28 13:01:42 CEST 2020] _currentRoot='/var/www/froxlor/'
[Tue Apr 28 13:01:42 CEST 2020] d='www.xxxxxx.net'
[Tue Apr 28 13:01:42 CEST 2020] Check for domain='www.xxxxxx.net'
[Tue Apr 28 13:01:42 CEST 2020] _currentRoot='/var/www/froxlor/'
[Tue Apr 28 13:01:42 CEST 2020] d
[Tue Apr 28 13:01:42 CEST 2020] _saved_account_key_hash is not changed, skip register account.
[Tue Apr 28 13:01:42 CEST 2020] Read key length:8192
[Tue Apr 28 13:01:42 CEST 2020] Using config home:/root/.acme.sh
[Tue Apr 28 13:01:42 CEST 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Tue Apr 28 13:01:42 CEST 2020] Use length 8192
[Tue Apr 28 13:01:42 CEST 2020] Using RSA: 8192
[Tue Apr 28 13:01:46 CEST 2020] _createcsr
[Tue Apr 28 13:01:46 CEST 2020] d='www.xxxxxx.net'
[Tue Apr 28 13:01:46 CEST 2020] d
[Tue Apr 28 13:01:46 CEST 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Apr 28 13:01:46 CEST 2020] payload='{"identifiers": [{"type":"dns","value":"xxxxxx.net"},{"type":"dns","value":"www.xxxxxx.net"}]}'
[Tue Apr 28 13:01:46 CEST 2020] RSA key
[Tue Apr 28 13:01:46 CEST 2020] HEAD
[Tue Apr 28 13:01:46 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Tue Apr 28 13:01:46 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g  -I  '
[Tue Apr 28 13:01:47 CEST 2020] _ret='0'
[Tue Apr 28 13:01:47 CEST 2020] POST
[Tue Apr 28 13:01:47 CEST 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Tue Apr 28 13:01:47 CEST 2020] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Tue Apr 28 13:01:47 CEST 2020] _ret='0'
[Tue Apr 28 13:01:47 CEST 2020] code='429'
[Tue Apr 28 13:01:47 CEST 2020] Le_LinkOrder
[Tue Apr 28 13:01:47 CEST 2020] Le_OrderFinalize
[Tue Apr 28 13:01:47 CEST 2020] Create new order error. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Tue Apr 28 13:01:48 CEST 2020] pid
[Tue Apr 28 13:01:48 CEST 2020] No need to restore nginx, skip.
[Tue Apr 28 13:01:48 CEST 2020] _clearupdns
[Tue Apr 28 13:01:48 CEST 2020] dns_entries
[Tue Apr 28 13:01:48 CEST 2020] skip dns.
[Tue Apr 28 13:01:48 CEST 2020] _on_issue_err
[Tue Apr 28 13:01:48 CEST 2020] Please add '--debug' or '--log' to check more details.
[Tue Apr 28 13:01:48 CEST 2020] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Tue Apr 28 13:01:48 CEST 2020] socat doesn't exists.
[Tue Apr 28 13:01:48 CEST 2020] Diagnosis versions:
openssl:openssl
OpenSSL 1.1.1d  10 Sep 2019
apache:
apache doesn't exists.
nginx:
nginx doesn't exists.
socat:
 

[Let's Encrypt not working any longer]

--deleted-- fixed

[Let's Encrypt not working any longer]

Hello,

 

we have upgraded the systems to 0.10.15. Now lets encrypt is not working anymore for domains. Previous version 0.10.13 works well.

I get this error from lets encrypt:

{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Method not allowed",
  "status": 405
}

[information] TasksCron: Searching for tasks to do
[information] TasksCron: Task10 started - setting filesystem quota
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting/renewing Let's Encrypt certificates
[information] Creating certificate for xxxxx.net
[information] Adding SAN entry: xxxxx.net
[information] Adding SAN entry: www.xxxxx.net
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Tue Apr 28 11:31:18 CEST 2020] Already uptodate!
[Tue Apr 28 11:31:18 CEST 2020] Upgrade success!
[Tue Apr 28 11:31:18 CEST 2020] Removing cron job
[debug] https://github.com/acmesh-official/acme.sh
v2.8.6
[Tue Apr 28 11:31:19 CEST 2020] Creating domain key
[Tue Apr 28 11:31:22 CEST 2020] The domain key is here: /root/.acme.sh/xxxxx.net/xxxxx.net.key
[Tue Apr 28 11:31:22 CEST 2020] Multi domain='DNS:xxxxx.net,DNS:www.xxxxx.net'
[Tue Apr 28 11:31:22 CEST 2020] Getting domain auth token for each domain
[Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='xxxxx.net'
[Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='www.xxxxx.net'
[Tue Apr 28 11:31:25 CEST 2020] Verifying: xxxxx.net
fqIIDl1N0TVk25kM3t8VF7NR-dFV1jUl1XF358An8K0.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8
[error] Could not get Let's Encrypt certificate for xxxxx.net:
https://github.com/acmesh-official/acme.sh
v2.8.6
[Tue Apr 28 11:31:19 CEST 2020] Creating domain key
[Tue Apr 28 11:31:22 CEST 2020] The domain key is here: /root/.acme.sh/xxxxx.net/xxxxx.net.key
[Tue Apr 28 11:31:22 CEST 2020] Multi domain='DNS:xxxxx.net,DNS:www.xxxxx.net'
[Tue Apr 28 11:31:22 CEST 2020] Getting domain auth token for each domain
[Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='xxxxx.net'
[Tue Apr 28 11:31:25 CEST 2020] Getting webroot for domain='www.xxxxx.net'
[Tue Apr 28 11:31:25 CEST 2020] Verifying: xxxxx.net
fqIIDl1N0TVk25kM3t8VF7NR-dFV1jUl1XF358An8K0.4E3VCTFsySjUrqnCg0ooULx-3kbdPBygi0aWkvg5Gd8

 

 

Settings:

SSL Let's Encrypt enabled with 8192 key. 

 

Kind regards,

Daniel

[Php-Fpm Writes wrong config files]

Hello,

PHP-FPM versions: System default -> default froxlor as described above (No overide deamon settings possible)

PHP-CONFIGURATIONS: PHP-FPM config: System default

Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts: is deactivated

Override FPM-daemon settings (pm, max_children, etc.): is activated

Process manager control (pm): dynamic

The number of child processes: 1 

The number of child processes created on startup: 20

The desired minimum number of idle server processes: 5

The desired maximum number of idle server processes: 35

Requests per child before respawning: 0

Idle Timeout: 30

[Php-Fpm Writes wrong config files]

Hello,

System:

Debian Buster with Froxlor 0.10.12, PHP7.3 and activated php-fpm

Settings php-fpm:

Process manager control (pm): dynamic

The number of child processes: 1 

The number of child processes created on startup: 20

The desired minimum number of idle server processes: 5

The desired maximum number of idle server processes: 35

Requests per child before respawning: 0

Idle Timeout: 30

 

Now rebuild config for domains and the files in /etc/php/7.3/fpm/pool.d contains following php-fpm settings:

pm = dynamic
pm.max_children = 1
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 1
pm.max_requests = 0
request_terminate_timeout = 60s
request_slowlog_timeout = 5s
 

so the values are not the configured ones. Did i do something wrong? Php-fpm values are not overriden in custom php-config for domains.

 

[PHP upload_tmp_dir permission error: Apache PHP-FPM activated => php tempdir wrong owner for customers]

Strange things happend. With current version 0.10.11 it is working without changes. I created that customer with 0.9.x and migrate to 0.10.x so something must happend before. But now it is working thanks alot.

[PHP upload_tmp_dir permission error: Apache PHP-FPM activated => php tempdir wrong owner for customers]

Thanks alot, I'll try it and check the affected files and let you know what I found.

[PHP upload_tmp_dir permission error: Apache PHP-FPM activated => php tempdir wrong owner for customers]

Hello,

today I got from a customer a call he cannot Upload files in Wordpress. After a little search I saw if you create a new customer an a php tmp dir was created, the owner of the temp folder is froxlorlocal and not the new created user. So you cannot upload things via php. Is this a bug or do I still missed a setting?

Environment:

Debian Buster

apache with PHP 7.3 with PHP-FPM

Froxlor 0.10.11

 

Kind regards

[Create Sql-Users with MySql 8.x, but they cannot login]

Thanks a lot and a happy new year!

[Create Sql-Users with MySql 8.x, but they cannot login]

Hello,

We migrated all our froxlor (0.10.10) debian buster systems to MySql 8.x. MySql 8.x Authentication method (authentication plugin is enabled). Everything seems to work, but if you create a sql database with user for a customer, it is stored in database correctly. But if you want to login with the new created user, authentication failed. I have to reset password with phpMyAdmin and use Native MySql authentication.

Is the new authentication method supported by froxlor or do we need to set MySql authentication to Native MySql authentication (In froxlor frontend we set security options to password-crypt to SHA-512)?

default-authentication-plugin=mysql_native_password

 

[Exceptions while accessing traffic, huge panel_traffic tables has to ui performance]

Hello,

 

thanks, so I reset the crojob settings to default for traffic and diskspace. Also delete all data for traffic and diskspace with reset autoincrement to 1. Now it feels like smoother and quicker. Do you calculate the stats while opening the customers live?

DELETE FROM `panel_traffic`;
ALTER TABLE `panel_traffic` AUTO_INCREMENT = 1;

DELETE FROM `panel_traffic_admins`;
ALTER TABLE `panel_diskspace` AUTO_INCREMENT = 1;
 
DELETE FROM `panel_diskspace`;
ALTER TABLE `panel_diskspace` AUTO_INCREMENT = 1;

DELETE FROM `panel_diskspace`;
ALTER TABLE `panel_diskspace_admins` AUTO_INCREMENT = 1;

 

Click on traffic detail still ends in a exception. So I will open an issue at git for your. Once o rethink about traffic and diskspace calculations (collect multiple times, for example 1 Minute and it is gruped per day) and once for the exception on traffic details.