Jump to content
Froxlor Forum

みゆき

Members
  • Posts

    134
  • Joined

  • Days Won

    16

Posts posted by みゆき

  1. 11 minutes ago, d00p said:

    wie verhindern? Ich glaube ich verstehe nicht ganz was dein gesamt-plan ist oder du erklärst es einfach nicht ausreichend. Willst du für eine Domain kein Let's Encrypt, dann deaktiviere Let's Encrypt für die Domain in den Domain-Settings.

    Zusätzlich findest du hier vllt ein bisschen Info bzgl. den rate-limites von let's encrypt: https://letsencrypt.org/de/docs/rate-limits/

    hab die einstellungen gefunden. nur erstellt mir die acme.sh jetzt überhaupt kein cert mehr, egal für welche domain. wenn ich bei frox --force --debug mache.

  2. 19 minutes ago, d00p said:

    Das hier macht mich stutzig....das wird eindeutig in zeile 463 in der sql query selektiert, wurde da manuell in der DB rumgespielt bei den Domains?

     

    und dann hier die antwort von let's encrypt...liegt also nicht an froxlor...das ist eine let's encrypt restriktion. Damit hast du deine Ursache

    nope, an der DB hab ich direkt nichts gemacht.

    Und ja, den Fehler habe ich auch gesehen, aber warum kann ich dann ohne probleme manuell mehrmals am tag das cert erstellen? ^^

  3. 19 minutes ago, d00p said:

    Kann ich dir nicht sagen wieso es nicht klappt, habe gerade gestern erst auf froxlor.org alles erneuert und es wurde wunderbar übernommen. In deinem Ordner ist ja auch nur nen key und nen csr...kein zertifikat.

    Lösch doch bitte einfach mal das Zertifikat einmal in froxlor und einmal via acme.sh und den ganzen ordner. Dann froxlor cron mit --force --debug und schau was er ausgibt. 

    [Fri 05 Jun 2020 12:10:38 PM CEST] tokushu.xxxxxx.eu is removed, the key and cert files are in /root/.acme.sh/tokushu.xxxxxx.eu_ecc
    [Fri 05 Jun 2020 12:10:38 PM CEST] You can remove them by yourself.
    root@tokushu ~ # rm -r .acme.sh/
    
    
    root@tokushu ~ # php /var/www/html/froxlor/scripts/froxlor_master_cronjob.php --force --debug
    [information] TasksCron: Searching for tasks to do
    [information] Running Let's Encrypt cronjob prior to regenerating webserver config files
    [information] Could not find acme.sh - installing it to /root/.acme.sh/
    --2020-06-05 12:16:00--  https://get.acme.sh/
    Resolving get.acme.sh (get.acme.sh)... 2606:4700:3031::ac43:d022, 2606:4700:3037::681f:5944, 2606:4700:3033::681f:5844, ...
    Connecting to get.acme.sh (get.acme.sh)|2606:4700:3031::ac43:d022|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: unspecified [text/html]
    Saving to: ‘STDOUT’
    
    -                                                                           [ <=>                                                                                                                                                                           ]     775  --.-KB/s    in 0s
    
    2020-06-05 12:16:00 (10.7 MB/s) - written to stdout [775]
    
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100  192k  100  192k    0     0  3264k      0 --:--:-- --:--:-- --:--:-- 3264k
    [information] Requesting 1 new Let's Encrypt certificates
    [information] Creating certificate for tokushu.xxxxxx.eu
    [information] Adding common-name: tokushu.xxxxxx.eu
    PHP Notice:  Undefined index: wwwserveralias in /var/www/html/froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224
    [information] Adding SAN entry: ssl.smtp.tokushu.xxxxxx.eu
    [information] Adding SAN entry: smtp.tokushu.xxxxxx.eu
    [information] Adding SAN entry: smtps.tokushu.xxxxxx.eu
    [information] Adding SAN entry: pop3.tokushu.xxxxxx.eu
    [information] Adding SAN entry: pop3s.tokushu.xxxxxx.eu
    [information] Adding SAN entry: imaps.tokushu.xxxxxx.eu
    [information] Adding SAN entry: imap.tokushu.xxxxxx.eu
    [information] Adding SAN entry: mail.tokushu.xxxxxx.eu
    [information] Adding SAN entry: ssl.tokushu.xxxxxx.eu
    [information] Validating DNS of tokushu.xxxxxx.eu
    [information] Validating DNS of ssl.smtp.tokushu.xxxxxx.eu
    [information] Validating DNS of smtp.tokushu.xxxxxx.eu
    [information] Validating DNS of smtps.tokushu.xxxxxx.eu
    [information] Validating DNS of pop3.tokushu.xxxxxx.eu
    [information] Validating DNS of pop3s.tokushu.xxxxxx.eu
    [information] Validating DNS of imaps.tokushu.xxxxxx.eu
    [information] Validating DNS of imap.tokushu.xxxxxx.eu
    [information] Validating DNS of mail.tokushu.xxxxxx.eu
    [information] Validating DNS of ssl.tokushu.xxxxxx.eu
    [information] Checking for LetsEncrypt client upgrades before renewing certificates:
    [Fri 05 Jun 2020 12:16:02 PM CEST] Already uptodate!
    [Fri 05 Jun 2020 12:16:02 PM CEST] Upgrade success!
    [Fri 05 Jun 2020 12:16:02 PM CEST] Installing cron job
    32 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    [Fri 05 Jun 2020 12:16:02 PM CEST] Lets find script dir.
    [Fri 05 Jun 2020 12:16:02 PM CEST] _SCRIPT_='/root/.acme.sh/acme.sh'
    [Fri 05 Jun 2020 12:16:02 PM CEST] _script='/root/.acme.sh/acme.sh'
    [Fri 05 Jun 2020 12:16:02 PM CEST] _script_home='/root/.acme.sh'
    [Fri 05 Jun 2020 12:16:02 PM CEST] Using config home:/root/.acme.sh
    [Fri 05 Jun 2020 12:16:02 PM CEST] Using server: https://acme-v02.api.letsencrypt.org/directory
    [Fri 05 Jun 2020 12:16:02 PM CEST] Running cmd: issue
    [Fri 05 Jun 2020 12:16:02 PM CEST] _main_domain='tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:02 PM CEST] _alt_domains='ssl.smtp.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,imap.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:02 PM CEST] Using config home:/root/.acme.sh
    [Fri 05 Jun 2020 12:16:02 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Fri 05 Jun 2020 12:16:02 PM CEST] DOMAIN_PATH='/root/.acme.sh/tokushu.xxxxxx.eu_ecc'
    [Fri 05 Jun 2020 12:16:02 PM CEST] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
    [Fri 05 Jun 2020 12:16:02 PM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory
    [Fri 05 Jun 2020 12:16:02 PM CEST] GET
    [Fri 05 Jun 2020 12:16:02 PM CEST] url='https://acme-v02.api.letsencrypt.org/directory'
    [Fri 05 Jun 2020 12:16:02 PM CEST] timeout=
    [Fri 05 Jun 2020 12:16:02 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri 05 Jun 2020 12:16:03 PM CEST] ret='0'
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_AUTHZ
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_VERSION='2'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _on_before_issue
    [Fri 05 Jun 2020 12:16:03 PM CEST] _chk_main_domain='tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _chk_alt_domains='ssl.smtp.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,imap.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Le_LocalAddress
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='ssl.smtp.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='ssl.smtp.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='smtp.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='smtp.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='smtps.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='smtps.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='pop3.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='pop3.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='pop3s.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='pop3s.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='imaps.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='imaps.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='imap.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='imap.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='mail.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='mail.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d='ssl.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='ssl.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
    [Fri 05 Jun 2020 12:16:03 PM CEST] d
    [Fri 05 Jun 2020 12:16:03 PM CEST] config file is empty, can not read CA_KEY_HASH
    [Fri 05 Jun 2020 12:16:03 PM CEST] Using config home:/root/.acme.sh
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory
    [Fri 05 Jun 2020 12:16:03 PM CEST] Use default length 2048
    [Fri 05 Jun 2020 12:16:03 PM CEST] length='2048'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Using config home:/root/.acme.sh
    [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Fri 05 Jun 2020 12:16:03 PM CEST] Use length 2048
    [Fri 05 Jun 2020 12:16:03 PM CEST] Using RSA: 2048
    [Fri 05 Jun 2020 12:16:03 PM CEST] RSA key
    [Fri 05 Jun 2020 12:16:03 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
    [Fri 05 Jun 2020 12:16:03 PM CEST] payload='{"termsOfServiceAgreed": true}'
    [Fri 05 Jun 2020 12:16:03 PM CEST] HEAD
    [Fri 05 Jun 2020 12:16:03 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Fri 05 Jun 2020 12:16:03 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g  -I  '
    [Fri 05 Jun 2020 12:16:04 PM CEST] _ret='0'
    [Fri 05 Jun 2020 12:16:04 PM CEST] POST
    [Fri 05 Jun 2020 12:16:04 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
    [Fri 05 Jun 2020 12:16:04 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri 05 Jun 2020 12:16:04 PM CEST] _ret='0'
    [Fri 05 Jun 2020 12:16:04 PM CEST] code='201'
    [Fri 05 Jun 2020 12:16:05 PM CEST] _accUri='https://acme-v02.api.letsencrypt.org/acme/acct/88035139'
    [Fri 05 Jun 2020 12:16:05 PM CEST] Calc CA_KEY_HASH='e02+ECTYr4IfbyDmDYosA/zUqrPtyvnZowoRK80fq/o='
    [Fri 05 Jun 2020 12:16:05 PM CEST] Read key length:
    [Fri 05 Jun 2020 12:16:05 PM CEST] Using config home:/root/.acme.sh
    [Fri 05 Jun 2020 12:16:05 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Fri 05 Jun 2020 12:16:05 PM CEST] Use length 384
    [Fri 05 Jun 2020 12:16:05 PM CEST] Using ec name: secp384r1
    [Fri 05 Jun 2020 12:16:05 PM CEST] _createcsr
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='ssl.smtp.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='smtp.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='smtps.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='pop3.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='pop3s.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='imaps.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='imap.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='mail.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d='ssl.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] d
    [Fri 05 Jun 2020 12:16:05 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Fri 05 Jun 2020 12:16:05 PM CEST] payload='{"identifiers": [{"type":"dns","value":"tokushu.xxxxxx.eu"},{"type":"dns","value":"ssl.smtp.tokushu.xxxxxx.eu"},{"type":"dns","value":"smtp.tokushu.xxxxxx.eu"},{"type":"dns","value":"smtps.tokushu.xxxxxx.eu"},{"type":"dns","value":"pop3.tokushu.xxxxxx.eu"},{"type":"dns","value":"pop3s.tokushu.xxxxxx.eu"},{"type":"dns","value":"imaps.tokushu.xxxxxx.eu"},{"type":"dns","value":"imap.tokushu.xxxxxx.eu"},{"type":"dns","value":"mail.tokushu.xxxxxx.eu"},{"type":"dns","value":"ssl.tokushu.xxxxxx.eu"}]}'
    [Fri 05 Jun 2020 12:16:05 PM CEST] POST
    [Fri 05 Jun 2020 12:16:05 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Fri 05 Jun 2020 12:16:05 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Fri 05 Jun 2020 12:16:05 PM CEST] _ret='0'
    [Fri 05 Jun 2020 12:16:05 PM CEST] code='429'
    [Fri 05 Jun 2020 12:16:05 PM CEST] Le_LinkOrder
    [Fri 05 Jun 2020 12:16:05 PM CEST] Le_OrderFinalize
    [Fri 05 Jun 2020 12:16:05 PM CEST] Create new order error. Le_OrderFinalize not found. {
      "type": "urn:ietf:params:acme:error:rateLimited",
      "detail": "Error creating new order :: too many certificates already issued for exact set of domains: imap.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,ssl.smtp.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu,tokushu.xxxxxx.eu: see https://letsencrypt.org/docs/rate-limits/",
      "status": 429
    }
    [Fri 05 Jun 2020 12:16:05 PM CEST] pid
    [Fri 05 Jun 2020 12:16:05 PM CEST] No need to restore nginx, skip.
    [Fri 05 Jun 2020 12:16:05 PM CEST] _clearupdns
    [Fri 05 Jun 2020 12:16:05 PM CEST] dns_entries
    [Fri 05 Jun 2020 12:16:05 PM CEST] skip dns.
    [Fri 05 Jun 2020 12:16:05 PM CEST] _on_issue_err
    [Fri 05 Jun 2020 12:16:05 PM CEST] Please add '--debug' or '--log' to check more details.
    [Fri 05 Jun 2020 12:16:05 PM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
    [Fri 05 Jun 2020 12:16:05 PM CEST] Diagnosis versions:
    openssl:openssl
    OpenSSL 1.1.1g  21 Apr 2020
    apache:
    apache doesn't exists.
    nginx:
    nginx version: nginx/1.18.0
    built with OpenSSL 1.1.1g  21 Apr 2020
    TLS SNI support enabled
    configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-HHffKl/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module --with-mail=dynamic --with-mail_ssl_module --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-auth-pam --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-dav-ext --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-echo --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-upstream-fair --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-subs-filter
    socat:
    socat by Gerhard Rieger and contributors - see www.dest-unreach.org
    socat version 1.7.3.3 on Oct 26 2019 17:42:04
       running on Linux version #46-Ubuntu SMP Thu Dec 6 14:45:28 UTC 2018, release 4.15.0-43-generic, machine x86_64
    features:
      #define WITH_STDIO 1
      #define WITH_FDNUM 1
      #define WITH_FILE 1
      #define WITH_CREAT 1
      #define WITH_GOPEN 1
      #define WITH_TERMIOS 1
      #define WITH_PIPE 1
      #define WITH_UNIX 1
      #define WITH_ABSTRACT_UNIXSOCKET 1
      #define WITH_IP4 1
      #define WITH_IP6 1
      #define WITH_RAWIP 1
      #define WITH_GENERICSOCKET 1
      #define WITH_INTERFACE 1
      #define WITH_TCP 1
      #define WITH_UDP 1
      #define WITH_SCTP 1
      #define WITH_LISTEN 1
      #define WITH_SOCKS4 1
      #define WITH_SOCKS4A 1
      #define WITH_PROXY 1
      #define WITH_SYSTEM 1
      #define WITH_EXEC 1
      #undef WITH_READLINE
      #define WITH_TUN 1
      #define WITH_PTY 1
      #define WITH_OPENSSL 1
      #undef WITH_FIPS
      #define WITH_LIBWRAP 1
      #define WITH_SYCLS 1
      #define WITH_FILAN 1
      #define WITH_RETRY 1
      #define WITH_MSGLEVEL 0 /*debug*/
    [debug] https://github.com/acmesh-official/acme.sh
    v2.8.6
    [Fri 05 Jun 2020 12:16:03 PM CEST] Create account key ok.
    [Fri 05 Jun 2020 12:16:03 PM CEST] Registering account
    [Fri 05 Jun 2020 12:16:04 PM CEST] Registered
    [Fri 05 Jun 2020 12:16:05 PM CEST] ACCOUNT_THUMBPRINT='6Dckd7KQQrw3m8i9ygIeg_q7IQV5TRUNnKO2UgGoHOI'
    [Fri 05 Jun 2020 12:16:05 PM CEST] Creating domain key
    [Fri 05 Jun 2020 12:16:05 PM CEST] The domain key is here: /root/.acme.sh/tokushu.xxxxxx.eu_ecc/tokushu.xxxxxx.eu.key
    [Fri 05 Jun 2020 12:16:05 PM CEST] Multi domain='DNS:tokushu.xxxxxx.eu,DNS:ssl.smtp.tokushu.xxxxxx.eu,DNS:smtp.tokushu.xxxxxx.eu,DNS:smtps.tokushu.xxxxxx.eu,DNS:pop3.tokushu.xxxxxx.eu,DNS:pop3s.tokushu.xxxxxx.eu,DNS:imaps.tokushu.xxxxxx.eu,DNS:imap.tokushu.xxxxxx.eu,DNS:mail.tokushu.xxxxxx.eu,DNS:ssl.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] Getting domain auth token for each domain
    [error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu:
    https://github.com/acmesh-official/acme.sh
    v2.8.6
    [Fri 05 Jun 2020 12:16:03 PM CEST] Create account key ok.
    [Fri 05 Jun 2020 12:16:03 PM CEST] Registering account
    [Fri 05 Jun 2020 12:16:04 PM CEST] Registered
    [Fri 05 Jun 2020 12:16:05 PM CEST] ACCOUNT_THUMBPRINT='6Dckd7KQQrw3m8i9ygIeg_q7IQV5TRUNnKO2UgGoHOI'
    [Fri 05 Jun 2020 12:16:05 PM CEST] Creating domain key
    [Fri 05 Jun 2020 12:16:05 PM CEST] The domain key is here: /root/.acme.sh/tokushu.xxxxxx.eu_ecc/tokushu.xxxxxx.eu.key
    [Fri 05 Jun 2020 12:16:05 PM CEST] Multi domain='DNS:tokushu.xxxxxx.eu,DNS:ssl.smtp.tokushu.xxxxxx.eu,DNS:smtp.tokushu.xxxxxx.eu,DNS:smtps.tokushu.xxxxxx.eu,DNS:pop3.tokushu.xxxxxx.eu,DNS:pop3s.tokushu.xxxxxx.eu,DNS:imaps.tokushu.xxxxxx.eu,DNS:imap.tokushu.xxxxxx.eu,DNS:mail.tokushu.xxxxxx.eu,DNS:ssl.tokushu.xxxxxx.eu'
    [Fri 05 Jun 2020 12:16:05 PM CEST] Getting domain auth token for each domain
    [error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu:
    
    [information] Let's Encrypt certificates have been updated
    [information] nginx::createIpPort: creating ip/port settings for  [2a01:4f8:10a:1ca0::2]:80
    [information] nginx::createIpPort: creating ip/port settings for  [2a01:4f8:10a:1ca0::2]:443
    [debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu"
    [debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu"
    [information] nginx::createIpPort: creating ip/port settings for  88.99.92.97:80
    [information] nginx::createIpPort: creating ip/port settings for  88.99.92.97:443
    [debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu"
    [debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu"
    [information] nginx::writeConfigs: rebuilding /etc/nginx/sites-enabled/
    [information] Froxlor\Cron\Http\NginxFcgi::reload: running service php7.4-fpm restart
    [information] Froxlor\Cron\Http\NginxFcgi::reload: reloading Froxlor\Cron\Http\NginxFcgi
    Job for nginx.service failed.
    See "systemctl status nginx.service" and "journalctl -xe" for details.
    [notice] Creating passwd file
    [notice] Writing 2 entries to passwd file
    [notice] Succesfully wrote passwd file
    [notice] Creating group file
    [notice] Writing 1 entries to group file
    [notice] Succesfully wrote group file
    [notice] Creating shadow file
    [notice] Writing 2 entries to shadow file
    [notice] Succesfully wrote shadow file
    [notice] Checking system's last guid

     

  4. 40 minutes ago, d00p said:

    sind denn Zertifikate in /root/.acme.sh/[domain] ? Das ist mal die grundlage. Denn froxlor synchronisiert diese mit seiner Datenbank und aus der eigenen Datenbank schreibt er die dann nach /etc/ssl/froxlor-custom/

    das sind die einzigen dateien die im ordner vorhanden sind.

    Unbenannt.JPG.e1b52ddb94b9199a2fc78a3310353280.JPG

  5. 9 minutes ago, d00p said:

    naja, der ordner passt doch, dann hat er für tokushu.xxxxxx.eu halt einfahc kein ecc zertifikat, er sollte ja danach dann alternativ im nicht _ecc-Ordner suchen...

    na ja, aber /etc/ssl/froxlor-custom ist immer noch leer, so lange er da die certs nicht erstellt. geht dies leider halt nicht.

  6. On 6/4/2020 at 7:43 AM, d00p said:

    Leider noch nicht.

    [error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
    [error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu:
    nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/10_froxlor_ipandport_xxxxxxxx.443.conf:5

    ich probiere gleich mal, wenn ich frox eine andere sub domain zuweise, ob dies geht.

  7. 1 minute ago, d00p said:

    Wenn ich den Pfad so angucke ist es ja offensichtlich. Kann ich jetzt so ausm Stehgreif nicht sagen, dachte ich hätte das überall gefixed. Vermutlich an einer Stelle übersehen

    Ja, aber auch das Costum Ordner keine dateien vorhanden sind, verstehe ich irgendwie nicht., für domains erstellt er die. nur für die froxlor domain nicht, aber manuel ein cert erstellen geht ohne probleme.
    Die Domain für Froxlor, ist zwar nur eine Sub-Domain, aber die hat bisher noch nie probleme gemacht.

  8. irgendwie suckt die acme.sh immer noch bei mir ...
    bekomme wieder den fehler "[error] Could not find file 'xxxxxxxxx.cer' in '/root/.acme.sh/xxxxxxxxx_ecc/_ecc/'"

    nginx meckert auch wegen, "nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in "/etc/nginx/sites-enabled/10_froxlor_ipandport_xxxxxxxxxx.conf:5"
    da keine Dateien unter "/etc/ssl/froxlor-custom" vorhanden sind.

     vorhande dateien im acme ordner:

    ~/.acme.sh/xxxxxxxxx_ecc # ls
    xxxxxxxxx.conf  xxxxxxxxx.csr  xxxxxxxxx.csr.conf  xxxxxxxxx.key

     

     

    aktuelle git vers. 

  9. 1 hour ago, d00p said:

    Das der _ecc Ordner da fälschlicherweise angehängt wird, kommt sicher von meinem commit vom 28.5. (https://github.com/Froxlor/Froxlor/commit/d73d8da2fddd8c25922d8f31b7f5e36c585e0b5c) - habe ich gerade gefixed (https://github.com/Froxlor/Froxlor/commit/394ec4cd4a39c20d0f755a5d7c16c0c8589fd737). Es wäre hilfreich wenn du in so einem Post auch sagst das du den git-stand nutzt und nicht den letzten release :)

    merke ich mir das nächste mal und erwähne dann git-stand :P

    eine Warnung spuckt er aber noch aus, habe ich gerade gesehen.

    [warning] ECC certificates activated but found only non-ecc file
    [warning] ECC certificates activated but found only non-ecc file
    [warning] ECC certificates activated but found only non-ecc file
    [warning] ECC certificates activated but found only non-ecc file
    [warning] ECC certificates activated but found only non-ecc file

    Aber let's läuft sonst jetzt wieder.

  10. habe mir die logs noch mal genauer angesehen und acme.sh meckert, das er den ordner "_ecc" nicht findet, aber die acme.sh erstellt die verz. eig. so: /.amce.sh/domain_ecc/ also macht keinen unterordner "_ecc"

    php froxlor_master_cronjob.php --letsencrypt --force
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    [Sun 31 May 2020 04:24:32 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:32 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:46 AM UTC
    [Sun 31 May 2020 04:24:32 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    [Sun 31 May 2020 04:24:32 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:32 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:52 AM UTC
    [Sun 31 May 2020 04:24:32 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    [Sun 31 May 2020 04:24:33 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:33 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:41 AM UTC
    [Sun 31 May 2020 04:24:33 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    [Sun 31 May 2020 04:24:34 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:34 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:14 AM UTC
    [Sun 31 May 2020 04:24:34 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:
    [Sun 31 May 2020 04:24:35 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:35 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:58 AM UTC
    [Sun 31 May 2020 04:24:35 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:
    [Sun 31 May 2020 04:24:36 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:36 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:33 AM UTC
    [Sun 31 May 2020 04:24:36 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:
    [Sun 31 May 2020 04:24:37 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:37 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:06 AM UTC
    [Sun 31 May 2020 04:24:37 AM CEST] Add '--force' to force to renew.
    PHP Notice:  Undefined index: wwwserveralias in /var/www/html/Froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224
    [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:
    [Sun 31 May 2020 04:24:37 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:37 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:26 AM UTC
    [Sun 31 May 2020 04:24:37 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    [Sun 31 May 2020 04:24:38 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:38 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:46 AM UTC
    [Sun 31 May 2020 04:24:38 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    [Sun 31 May 2020 04:24:39 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:39 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:52 AM UTC
    [Sun 31 May 2020 04:24:39 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    [Sun 31 May 2020 04:24:40 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:40 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:41 AM UTC
    [Sun 31 May 2020 04:24:40 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    [Sun 31 May 2020 04:24:41 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:41 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:14 AM UTC
    [Sun 31 May 2020 04:24:41 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:
    [Sun 31 May 2020 04:24:42 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:42 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:58 AM UTC
    [Sun 31 May 2020 04:24:42 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:
    [Sun 31 May 2020 04:24:43 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:43 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:33 AM UTC
    [Sun 31 May 2020 04:24:43 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:
    [Sun 31 May 2020 04:24:43 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:43 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:06 AM UTC
    [Sun 31 May 2020 04:24:43 AM CEST] Add '--force' to force to renew.
    PHP Notice:  Undefined index: wwwserveralias in /var/www/html/Froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224
    [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:
    [Sun 31 May 2020 04:24:44 AM CEST] Domains not changed.
    [Sun 31 May 2020 04:24:44 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:26 AM UTC
    [Sun 31 May 2020 04:24:44 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:

    Auch die kompletten Files im Ordner "/etc/ssl/froxlor-custom/" sind verschwunden...

    [error] tokushu.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    [error] tokushu.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    [error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    [error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    [error] music.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    [error] pmaaaaa.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    [error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    [error] webmail.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    [error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
    Job for nginx.service failed.
    See "systemctl status nginx.service" and "journalctl -xe" for details.

     

  11. Hi,

    habe froxlor heute auf dem neusten stand gebracht und wollte eine domain hinzufügen inkl. ssl settings.
    Da ist mit dieser Fehler aufgefallen, durch den Fehler wird auch mein nginx process gekillt jedesmal.

     

    php /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php --force --debug
    [information] TasksCron: Searching for tasks to do
    [information] Running Let's Encrypt cronjob prior to regenerating webserver config files
    [information] Requesting 1 new Let's Encrypt certificates
    [warning] Skipping Let's Encrypt generation for xxxxxxxxxxxxxx.eu due to an enabled ssl_redirect
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/sayanee.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for sayanee.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxxxxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxxxxxxxxx.eu:
    
    [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:
    
    [information] Let's Encrypt certificates have been updated
    [information] nginx::createIpPort: creating ip/port settings for  xxxxxxx:80
    [information] nginx::createIpPort: creating ip/port settings for  xxxxxxx:443
    [information] nginx::createIpPort: creating ip/port settings for  xxxxxxx:80
    [information] nginx::createIpPort: creating ip/port settings for  xxxxxxx:443
    [information] nginx::writeConfigs: rebuilding /etc/nginx/sites-enabled/
    [information] Froxlor\Cron\Http\NginxFcgi::reload: running service php7.4-fpm restart
    [information] Froxlor\Cron\Http\NginxFcgi::reload: reloading Froxlor\Cron\Http\NginxFcgi
    [notice] Creating passwd file
    [notice] Writing 2 entries to passwd file
    [notice] Succesfully wrote passwd file
    [notice] Creating group file
    [notice] Writing 1 entries to group file
    [notice] Succesfully wrote group file
    [notice] Creating shadow file
    [notice] Writing 2 entries to shadow file
    [notice] Succesfully wrote shadow file
    [notice] Checking system's last guid
    root@tokushu ~ # php /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug
    [information] Requesting 1 new Let's Encrypt certificates
    [information] Creating certificate for xxxxxxxxxxxxxx.eu
    [information] Adding common-name: xxxxxxxxxxxxxx.eu
    [information] Adding SAN entry: www.xxxxxxxxxxxxxx.eu
    [information] Validating DNS of xxxxxxxxxxxxxx.eu
    [information] Validating DNS of www.xxxxxxxxxxxxxx.eu
    [information] Checking for LetsEncrypt client upgrades before renewing certificates:
    [Sun 31 May 2020 02:22:28 AM CEST] Already uptodate!
    [Sun 31 May 2020 02:22:28 AM CEST] Upgrade success!
    [Sun 31 May 2020 02:22:28 AM CEST] Installing cron job
    32 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
    [Sun 31 May 2020 02:22:28 AM CEST] Lets find script dir.
    [Sun 31 May 2020 02:22:28 AM CEST] _SCRIPT_='/root/.acme.sh/acme.sh'
    [Sun 31 May 2020 02:22:28 AM CEST] _script='/root/.acme.sh/acme.sh'
    [Sun 31 May 2020 02:22:28 AM CEST] _script_home='/root/.acme.sh'
    [Sun 31 May 2020 02:22:28 AM CEST] Using config home:/root/.acme.sh
    [Sun 31 May 2020 02:22:28 AM CEST] Using server: https://acme-v02.api.letsencrypt.org/directory
    [Sun 31 May 2020 02:22:28 AM CEST] Running cmd: issue
    [Sun 31 May 2020 02:22:28 AM CEST] _main_domain='xxxxxxxxxxxxxx.eu'
    [Sun 31 May 2020 02:22:28 AM CEST] _alt_domains='www.xxxxxxxxxxxxxx.eu'
    [Sun 31 May 2020 02:22:28 AM CEST] Using config home:/root/.acme.sh
    [Sun 31 May 2020 02:22:28 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
    [Sun 31 May 2020 02:22:28 AM CEST] DOMAIN_PATH='/root/.acme.sh/xxxxxxxxxxxxxx.eu_ecc'
    [Sun 31 May 2020 02:22:28 AM CEST] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
    [Sun 31 May 2020 02:22:28 AM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory
    [Sun 31 May 2020 02:22:28 AM CEST] GET
    [Sun 31 May 2020 02:22:28 AM CEST] url='https://acme-v02.api.letsencrypt.org/directory'
    [Sun 31 May 2020 02:22:28 AM CEST] timeout=
    [Sun 31 May 2020 02:22:28 AM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Sun 31 May 2020 02:22:29 AM CEST] ret='0'
    [Sun 31 May 2020 02:22:29 AM CEST] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
    [Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_AUTHZ
    [Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
    [Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
    [Sun 31 May 2020 02:22:29 AM CEST] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
    [Sun 31 May 2020 02:22:29 AM CEST] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
    [Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
    [Sun 31 May 2020 02:22:29 AM CEST] ACME_VERSION='2'
    [Sun 31 May 2020 02:22:29 AM CEST] Le_NextRenewTime='1595981974'
    [Sun 31 May 2020 02:22:29 AM CEST] _saved_domain='xxxxxxxxxxxxxx.eu'
    [Sun 31 May 2020 02:22:29 AM CEST] _saved_alt='www.xxxxxxxxxxxxxx.eu'
    [debug] https://github.com/acmesh-official/acme.sh
    v2.8.6
    [Sun 31 May 2020 02:22:29 AM CEST] Domains not changed.
    [Sun 31 May 2020 02:22:29 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 12:19:34 AM UTC
    [Sun 31 May 2020 02:22:29 AM CEST] Add '--force' to force to renew.
    [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxxxxxxxxx.eu/_ecc/'
    [error] Could not get Let's Encrypt certificate for xxxxxxxxxxxxxx.eu:
    https://github.com/acmesh-official/acme.sh
    v2.8.6
    [Sun 31 May 2020 02:22:29 AM CEST] Domains not changed.
    [Sun 31 May 2020 02:22:29 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 12:19:34 AM UTC
    [Sun 31 May 2020 02:22:29 AM CEST] Add '--force' to force to renew.
    [information] Let's Encrypt certificates have been updated

    im ordner .acme.sh sind auch alle cert's verschwunden. durch den fehler kann ich auch keine neue domain mit ssl hinzufügen.

  12. Du musst dazu noch "fastcgi_parm ... Upload size" dazu packen und am besten dann noch "fastcgi_read_timeout" dazu

    bsp:

    	location / {
    ....
    		client_max_body_size 1000M;
    ....
    
    		
    	}
    
    	location @php {
    		try_files $1 =404;
    
    ...
    		fastcgi_param PHP_VALUE "upload_max_filesize=1000M \n post_max_size=1000M";
    	    fastcgi_read_timeout 600;
    ...
    	}

    Dann sollte es ohne probleme gehen.

  13. habe heute mal wieder ein "git pull" gemacht und eine neue domain in froxlor gepackt.
    habe aber festgestellt, das keine LE Cert erstellt wird bzw. nicht richtig wohl. da die Browser alle sagen sie, seite sei Unsicher "Feherhaftes oder Fehlendes Cert"

    in der nginx vhost conf sind die cert, sind die cert pfade richtig drin.

     

    cert.thumb.JPG.efa449722ba8ab38912d2942a36d0653.JPG

     

    Cronjob wurde manuell gestartet

     

    php scripts/froxlor_master_cronjob.php --letsencrypt --debug
    [information] Requesting/renewing Let's Encrypt certificates
    [information] Creating certificate for xxxxxxxxxx.eu
    [information] Adding SAN entry: xxxxxxxxxx.eu
    [information] Adding SAN entry: www.xxxxxxxxxx.eu
    [information] Checking for LetsEncrypt client upgrades before renewing certificates:
    [Wed 04 Dec 2019 10:12:50 PM CET] Installing from online archive.
    [Wed 04 Dec 2019 10:12:50 PM CET] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz
    [Wed 04 Dec 2019 10:12:51 PM CET] Extracting master.tar.gz
    [Wed 04 Dec 2019 10:12:51 PM CET] Installing to /root/.acme.sh
    [Wed 04 Dec 2019 10:12:51 PM CET] Installed to /root/.acme.sh/acme.sh
    [Wed 04 Dec 2019 10:12:51 PM CET] Good, bash is found, so change the shebang to use bash as preferred.
    [Wed 04 Dec 2019 10:12:51 PM CET] OK
    [Wed 04 Dec 2019 10:12:51 PM CET] Install success!
    [Wed 04 Dec 2019 10:12:51 PM CET] Upgrade success!
    [Wed 04 Dec 2019 10:12:51 PM CET] Removing cron job
    [Wed 04 Dec 2019 10:12:52 PM CET] Lets find script dir.
    [Wed 04 Dec 2019 10:12:52 PM CET] _SCRIPT_='/root/.acme.sh/acme.sh'
    [Wed 04 Dec 2019 10:12:52 PM CET] _script='/root/.acme.sh/acme.sh'
    [Wed 04 Dec 2019 10:12:52 PM CET] _script_home='/root/.acme.sh'
    [Wed 04 Dec 2019 10:12:52 PM CET] Using config home:/root/.acme.sh
    [Wed 04 Dec 2019 10:12:52 PM CET] Using server: https://acme-staging-v02.api.letsencrypt.org/directory
    [Wed 04 Dec 2019 10:12:52 PM CET] Running cmd: issue
    [Wed 04 Dec 2019 10:12:52 PM CET] _main_domain='xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] _alt_domains='www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] Using config home:/root/.acme.sh
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_DIRECTORY='https://acme-staging-v02.api.letsencrypt.org/directory'
    [Wed 04 Dec 2019 10:12:52 PM CET] DOMAIN_PATH='/root/.acme.sh/xxxxxxxxxx.eu_ecc'
    [Wed 04 Dec 2019 10:12:52 PM CET] Using ACME_DIRECTORY: https://acme-staging-v02.api.letsencrypt.org/directory
    [Wed 04 Dec 2019 10:12:52 PM CET] _init api for server: https://acme-staging-v02.api.letsencrypt.org/directory
    [Wed 04 Dec 2019 10:12:52 PM CET] GET
    [Wed 04 Dec 2019 10:12:52 PM CET] url='https://acme-staging-v02.api.letsencrypt.org/directory'
    [Wed 04 Dec 2019 10:12:52 PM CET] timeout=
    [Wed 04 Dec 2019 10:12:52 PM CET] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Wed 04 Dec 2019 10:12:52 PM CET] ret='0'
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_KEY_CHANGE='https://acme-staging-v02.api.letsencrypt.org/acme/key-change'
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_NEW_AUTHZ
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_NEW_ORDER='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_NEW_ACCOUNT='https://acme-staging-v02.api.letsencrypt.org/acme/new-acct'
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_REVOKE_CERT='https://acme-staging-v02.api.letsencrypt.org/acme/revoke-cert'
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_NEW_NONCE='https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce'
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_VERSION='2'
    [Wed 04 Dec 2019 10:12:52 PM CET] _on_before_issue
    [Wed 04 Dec 2019 10:12:52 PM CET] _chk_main_domain='xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] _chk_alt_domains='www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] Le_LocalAddress
    [Wed 04 Dec 2019 10:12:52 PM CET] d='xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] Check for domain='xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] _currentRoot='/var/www/html/xxxxxxxxxx'
    [Wed 04 Dec 2019 10:12:52 PM CET] d='www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] Check for domain='www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] _currentRoot='/var/www/html/xxxxxxxxxx'
    [Wed 04 Dec 2019 10:12:52 PM CET] d
    [Wed 04 Dec 2019 10:12:52 PM CET] _saved_account_key_hash is not changed, skip register account.
    [Wed 04 Dec 2019 10:12:52 PM CET] Read key length:
    [Wed 04 Dec 2019 10:12:52 PM CET] Using config home:/root/.acme.sh
    [Wed 04 Dec 2019 10:12:52 PM CET] ACME_DIRECTORY='https://acme-staging-v02.api.letsencrypt.org/directory'
    [Wed 04 Dec 2019 10:12:52 PM CET] Use length 384
    [Wed 04 Dec 2019 10:12:52 PM CET] Using ec name: secp384r1
    [Wed 04 Dec 2019 10:12:52 PM CET] _createcsr
    [Wed 04 Dec 2019 10:12:52 PM CET] d='www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] d
    [Wed 04 Dec 2019 10:12:52 PM CET] url='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
    [Wed 04 Dec 2019 10:12:52 PM CET] payload='{"identifiers": [{"type":"dns","value":"xxxxxxxxxx.eu"},{"type":"dns","value":"www.xxxxxxxxxx.eu"}]}'
    [Wed 04 Dec 2019 10:12:52 PM CET] RSA key
    [Wed 04 Dec 2019 10:12:52 PM CET] HEAD
    [Wed 04 Dec 2019 10:12:52 PM CET] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/new-nonce'
    [Wed 04 Dec 2019 10:12:52 PM CET] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g  -I  '
    [Wed 04 Dec 2019 10:12:53 PM CET] _ret='0'
    [Wed 04 Dec 2019 10:12:53 PM CET] POST
    [Wed 04 Dec 2019 10:12:53 PM CET] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/new-order'
    [Wed 04 Dec 2019 10:12:53 PM CET] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Wed 04 Dec 2019 10:12:54 PM CET] _ret='0'
    [Wed 04 Dec 2019 10:12:54 PM CET] code='201'
    [Wed 04 Dec 2019 10:12:54 PM CET] Le_LinkOrder='https://acme-staging-v02.api.letsencrypt.org/acme/order/11716275/64509659'
    [Wed 04 Dec 2019 10:12:54 PM CET] Le_OrderFinalize='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/11716275/64509659'
    [Wed 04 Dec 2019 10:12:54 PM CET] url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/25258627'
    [Wed 04 Dec 2019 10:12:54 PM CET] payload
    [Wed 04 Dec 2019 10:12:54 PM CET] POST
    [Wed 04 Dec 2019 10:12:54 PM CET] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/25258627'
    [Wed 04 Dec 2019 10:12:54 PM CET] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Wed 04 Dec 2019 10:12:55 PM CET] _ret='0'
    [Wed 04 Dec 2019 10:12:55 PM CET] code='200'
    [Wed 04 Dec 2019 10:12:55 PM CET] url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/25258628'
    [Wed 04 Dec 2019 10:12:55 PM CET] payload
    [Wed 04 Dec 2019 10:12:55 PM CET] POST
    [Wed 04 Dec 2019 10:12:55 PM CET] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/25258628'
    [Wed 04 Dec 2019 10:12:55 PM CET] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Wed 04 Dec 2019 10:12:55 PM CET] _ret='0'
    [Wed 04 Dec 2019 10:12:55 PM CET] code='200'
    [Wed 04 Dec 2019 10:12:55 PM CET] d='xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:55 PM CET] _w='/var/www/html/xxxxxxxxxx'
    [Wed 04 Dec 2019 10:12:55 PM CET] _currentRoot='/var/www/html/xxxxxxxxxx'
    [Wed 04 Dec 2019 10:12:56 PM CET] entry='"type":"http-01","status":"valid","url":"https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/25258627/3ebB0g","token":"Ttvw2E-36airL3Sd38NfVUB-4r9c7FB-FpINP6UTcJk","validationRecord":[{"url":"http://xxxxxxxxxx.eu/.well-known/acme-challenge/Ttvw2E-36airL3Sd38NfVUB-4r9c7FB-FpINP6UTcJk","hostname":"xxxxxxxxxx.eu","port":"80","addressesResolved":["88.99.92.97","2a01:4f8:10a:1ca0::2"],"addressUsed":"2a01:4f8:10a:1ca0::2"'
    [Wed 04 Dec 2019 10:12:56 PM CET] token='Ttvw2E-36airL3Sd38NfVUB-4r9c7FB-FpINP6UTcJk'
    [Wed 04 Dec 2019 10:12:56 PM CET] uri='https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/25258627/3ebB0g'
    [Wed 04 Dec 2019 10:12:56 PM CET] keyauthorization='Ttvw2E-36airL3Sd38NfVUB-4r9c7FB-FpINP6UTcJk.4llaoQT_WVQRsyuuLc0BJGmqmtRbm-9egrbkq30uo1g'
    [Wed 04 Dec 2019 10:12:56 PM CET] xxxxxxxxxx.eu is already verified.
    [Wed 04 Dec 2019 10:12:56 PM CET] keyauthorization='verified_ok'
    [Wed 04 Dec 2019 10:12:56 PM CET] dvlist='xxxxxxxxxx.eu#verified_ok#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/25258627/3ebB0g#http-01#/var/www/html/xxxxxxxxxx'
    [Wed 04 Dec 2019 10:12:56 PM CET] d='www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:56 PM CET] _w='/var/www/html/xxxxxxxxxx'
    [Wed 04 Dec 2019 10:12:56 PM CET] _currentRoot='/var/www/html/xxxxxxxxxx'
    [Wed 04 Dec 2019 10:12:56 PM CET] entry='"type":"http-01","status":"valid","url":"https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/25258628/5orHRw","token":"qvwUCzK0zDLPq5mvkp6XEogLwb_wg0UYS2QRGPs7-YQ","validationRecord":[{"url":"http://www.xxxxxxxxxx.eu/.well-known/acme-challenge/qvwUCzK0zDLPq5mvkp6XEogLwb_wg0UYS2QRGPs7-YQ","hostname":"www.xxxxxxxxxx.eu","port":"80","addressesResolved":["88.99.92.97","2a01:4f8:10a:1ca0::2"],"addressUsed":"2a01:4f8:10a:1ca0::2"'
    [Wed 04 Dec 2019 10:12:56 PM CET] token='qvwUCzK0zDLPq5mvkp6XEogLwb_wg0UYS2QRGPs7-YQ'
    [Wed 04 Dec 2019 10:12:56 PM CET] uri='https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/25258628/5orHRw'
    [Wed 04 Dec 2019 10:12:56 PM CET] keyauthorization='qvwUCzK0zDLPq5mvkp6XEogLwb_wg0UYS2QRGPs7-YQ.4llaoQT_WVQRsyuuLc0BJGmqmtRbm-9egrbkq30uo1g'
    [Wed 04 Dec 2019 10:12:56 PM CET] www.xxxxxxxxxx.eu is already verified.
    [Wed 04 Dec 2019 10:12:56 PM CET] keyauthorization='verified_ok'
    [Wed 04 Dec 2019 10:12:56 PM CET] dvlist='www.xxxxxxxxxx.eu#verified_ok#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/25258628/5orHRw#http-01#/var/www/html/xxxxxxxxxx'
    [Wed 04 Dec 2019 10:12:56 PM CET] d
    [Wed 04 Dec 2019 10:12:56 PM CET] vlist='xxxxxxxxxx.eu#verified_ok#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/25258627/3ebB0g#http-01#/var/www/html/xxxxxxxxxx,www.xxxxxxxxxx.eu#verified_ok#https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/25258628/5orHRw#http-01#/var/www/html/xxxxxxxxxx,'
    [Wed 04 Dec 2019 10:12:56 PM CET] d='xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:56 PM CET] xxxxxxxxxx.eu is already verified, skip http-01.
    [Wed 04 Dec 2019 10:12:56 PM CET] d='www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:56 PM CET] www.xxxxxxxxxx.eu is already verified, skip http-01.
    [Wed 04 Dec 2019 10:12:56 PM CET] ok, let's start to verify
    [Wed 04 Dec 2019 10:12:56 PM CET] pid
    [Wed 04 Dec 2019 10:12:56 PM CET] No need to restore nginx, skip.
    [Wed 04 Dec 2019 10:12:56 PM CET] _clearupdns
    [Wed 04 Dec 2019 10:12:56 PM CET] dns_entries
    [Wed 04 Dec 2019 10:12:56 PM CET] skip dns.
    [Wed 04 Dec 2019 10:12:56 PM CET] i='2'
    [Wed 04 Dec 2019 10:12:56 PM CET] j='9'
    [Wed 04 Dec 2019 10:12:56 PM CET] url='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/11716275/64509659'
    [Wed 04 Dec 2019 10:12:56 PM CET] payload='{"csr": "MIIBdzCB_QIBADAhMR8wHQYDVQQDDBZiYW5kbWFpZC1ldXJvcGVmYW5zLmV1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4KfE9-fnkEbwkmDMqLWU-jub9OzGktAJralMd-Q99voKmVWlEqAxApuYrOWhHex5jxuunW3SH0yezxODfR91VsbYSnPiaaxSpWhlFoOrIGmZijzR2AkjESgVcUSrL2eroF0wWwYJKoZIhvcNAQkOMU4wTDALBgNVHQ8EBAMCBeAwPQYDVR0RBDYwNIIWYmFuZG1haWQtZXVyb3BlZmFucy5ldYIad3d3LmJhbmRtYWlkLWV1cm9wZWZhbnMuZXUwCgYIKoZIzj0EAwIDaQAwZgIxAJsRB9-_5syNT8mXQiyisw_xfatqSzrgmmVVN3vpw6EhIb1AkagUnYX4DMnDXgLsPwIxAJWMQFdsLhiDNcamBUBf5AMVStzz-ipCblL7nMRWnmiV7QhYLYla-Y-UnqRFlrhhDg"}'
    [Wed 04 Dec 2019 10:12:56 PM CET] POST
    [Wed 04 Dec 2019 10:12:56 PM CET] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/finalize/11716275/64509659'
    [Wed 04 Dec 2019 10:12:56 PM CET] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Wed 04 Dec 2019 10:12:57 PM CET] _ret='0'
    [Wed 04 Dec 2019 10:12:57 PM CET] code='200'
    [Wed 04 Dec 2019 10:12:57 PM CET] Order status is valid.
    [Wed 04 Dec 2019 10:12:57 PM CET] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa927c748422c16f48ef004a263be5238be6'
    [Wed 04 Dec 2019 10:12:57 PM CET] url='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa927c748422c16f48ef004a263be5238be6'
    [Wed 04 Dec 2019 10:12:57 PM CET] payload
    [Wed 04 Dec 2019 10:12:57 PM CET] POST
    [Wed 04 Dec 2019 10:12:57 PM CET] _post_url='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa927c748422c16f48ef004a263be5238be6'
    [Wed 04 Dec 2019 10:12:57 PM CET] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
    [Wed 04 Dec 2019 10:12:58 PM CET] _ret='0'
    [Wed 04 Dec 2019 10:12:58 PM CET] code='200'
    [Wed 04 Dec 2019 10:12:58 PM CET] Found cert chain
    [Wed 04 Dec 2019 10:12:58 PM CET] _end_n='28'
    [Wed 04 Dec 2019 10:12:58 PM CET] Le_LinkCert='https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa927c748422c16f48ef004a263be5238be6'
    [Wed 04 Dec 2019 10:12:58 PM CET] v2 chain.
    [Wed 04 Dec 2019 10:12:58 PM CET] _on_issue_success
    [debug] https://github.com/Neilpang/acme.sh
    v2.8.4
    [Wed 04 Dec 2019 10:12:52 PM CET] Creating domain key
    [Wed 04 Dec 2019 10:12:52 PM CET] The domain key is here: /root/.acme.sh/xxxxxxxxxx.eu_ecc/xxxxxxxxxx.eu.key
    [Wed 04 Dec 2019 10:12:52 PM CET] Multi domain='DNS:xxxxxxxxxx.eu,DNS:www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:52 PM CET] Getting domain auth token for each domain
    [Wed 04 Dec 2019 10:12:55 PM CET] Getting webroot for domain='xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:56 PM CET] Getting webroot for domain='www.xxxxxxxxxx.eu'
    [Wed 04 Dec 2019 10:12:56 PM CET] xxxxxxxxxx.eu is already verified, skip http-01.
    [Wed 04 Dec 2019 10:12:56 PM CET] www.xxxxxxxxxx.eu is already verified, skip http-01.
    [Wed 04 Dec 2019 10:12:56 PM CET] Verify finished, start to sign.
    [Wed 04 Dec 2019 10:12:56 PM CET] Lets finalize the order, Le_OrderFinalize: https://acme-staging-v02.api.letsencrypt.org/acme/finalize/11716275/64509659
    [Wed 04 Dec 2019 10:12:57 PM CET] Download cert, Le_LinkCert: https://acme-staging-v02.api.letsencrypt.org/acme/cert/fa927c748422c16f48ef004a263be5238be6

     

    *nachtrag*

    habe testweise manuell das cert mit *certbot* für diese eine Domain erstellt und die pfade in der vhost conf angepasst, browser meckern jetzt nicht mehr

  14. mysql -h localhost -u root -p

    ###Set the new type of validation

    SET GLOBAL validate_password_policy=0; //For Low

    ###Restart mysql
    sudo service mysql restart

     

    or you can use a password, which has fewer special characters, some programs have problems with it. Best example is there dovecot.

  15. Benutze Bitte libnss-extrausers und nicht libnss-mysql

    Um welche Froxlor Version handelt es sich den? 

    Du kannst nähmlich auch php /var/www/html/Froxlor/install/scripts/config-services.php --froxlor-dir=/var/www/html/Froxlor/ --create

    benutzen, da macht er dir die confs automatisch, du musst nur angeben für welches OS und was du Installieren willst

     

    Das die Doku in der Wiki angeht, die wird komplett erneuert, daran wird schon gearbeitet

  16. Einen neuen Kunden extra für phpmyadmin zu erstellen brauchst du schon mal nicht, aber was du erstellen musst, wenn du andere confs für php-fpm benutzen willst, ist halt ne eigene conf, das dauert keine 5min und ist im Panel ruck zuck gemacht. Und zwar unter PHP-Konfigurationen > Neue Konfiguration erstellen so mache ich dies auch bei vers. CMS die ich am laufen habe. Du musst dann nur nach dem erstellen der conf im Panel, einem oder dem einen Kunden die rechte für die php-conf geben. Kunden > Kunden bearbeiten > PHP-Konfiguration und fast ganz unten, dann die conf mit einem hacken aktivieren und schwups kannst du bei jeder domain wo der kunde besitzt die conf aktivieren.

    • Like 1
  17. Also noch mal, du hast erwähnt

    2 hours ago, xep22 said:

    die Apache-Zertifikate fehlen aber immer noch. 

    Also noch mal, deine Apache Cert, die du selbst erstellt hast, brauchst du nicht mehr, nach dem du LE aktiviert und benutzt hast.
    Wenn du Froxlor über eine IP aufrufst, bekommst du natürlich kein LE Cert, sondern brauchst halt eine Domain o. Sub-Domain für Froxlor.
    Froxlor macht, alles von alleine was LE angeht, du musst nur wenn du eine Domain oder Sub-Domain in Froxlor anlegst, musst du nur dann SSL für diese Domain oder Sub-Domain einstellen, den Rest macht das Panel.

  18. 1 minute ago, xep22 said:

    jetzt ist sie da :

    
    # 35_froxlor_ssl_vhost_janis0705.tk.conf
    # Created 11.05.2019 12:28
    # Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.
    
    # Domain ID: 2 (SSL) - CustomerID: 1 - CustomerLogin: user1
    <VirtualHost 91.200.103.227:443>
      ServerName janis0705.tk
      ServerAlias www.janis0705.tk
      ServerAdmin gwegew@egewew.de
      SSLEngine On
      SSLProtocol -ALL +TLSv1 +TLSv1.2
      SSLCompression Off
      SSLHonorCipherOrder On
      SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
      SSLVerifyDepth 10
      SSLCertificateFile /etc/ssl/froxlor-custom/janis0705.tk.crt
      SSLCertificateKeyFile /etc/ssl/froxlor-custom/janis0705.tk.key
      SSLCACertificateFile /etc/ssl/froxlor-custom/janis0705.tk_CA.pem
      SSLCertificateChainFile /etc/ssl/froxlor-custom/janis0705.tk_chain.pem
      <IfModule mod_headers.c>
        Header always set Strict-Transport-Security "max-age=0"
      </IfModule>
      DocumentRoot "/var/customers/webs/user1/"
      php_admin_value sendmail_path "/usr/sbin/sendmail -t -f gwegew@egewew.de"
      php_admin_value open_basedir "/var/customers/webs/user1:/tmp"
      ErrorLog "/var/customers/logs/user1-error.log"
      CustomLog "/var/customers/logs/user1-access.log" combined
    </VirtualHost>

    die Apache-Zertifikate fehlen aber immer noch. 

     

    Meldung genau Bitte bzw. error.log mal vom apache posten.
    und deine selbst erstellten apache cert. haben nichts mit LE oder dem Vhost zu tun.
    Weil deine LE Cert sind korrekt in deinem Vhost drin, daher weiß ich nicht ohne Logs, wo er deine eigenen Certs haben will ...

     

×
×
  • Create New...