Jump to content
Froxlor Forum

nisamudeen97

Members
  • Posts

    41
  • Joined

  • Last visited

Posts posted by nisamudeen97

  1. Hi,

    We have noticed letsencrypt crons getting failed with the below message.  Current froxlor version  is 0.10.25.  I have replaced actual domain with domain.com.  All our domains SSL update are getting failed.

    [error] Could not find certificate-folder '/root/.acme.sh/domain.com/'
    [error] Could not get Let's Encrypt certificate for domain.com:

  2. Hi,

    Recently i have updated froxlor version running on my debian 8  php 5.6  to latest one.  I have changed default froxlor php to 7.3.   Current froxlor version is "0.10.18"(DB: 202005150).  See the attached screen shot.    I could see the below error in apache logs for froxlor and it is loading blank.

    mod_fcgid: stderr: PHP Parse error:  syntax error, unexpected '?' in /var/www/froxlor/index.php on line 485

    Has some one had the same issue after upgrade? 

     

    system statys.png

  3. Hi,

    Our froxlor server is behiend NAT and it uses the local IP  192.168.73.40.  We have enabled letsencrypt module in froxlor and tried validating SSL for a domain in the server.  SSL generation is getting failed with 403 error.  See the debug log information.      Replaced domain name and main IP.    Can any one help me regarding the issue.

     

    [information] Updating Let's Encrypt certificates
    [information] Updating domain-name.com
    [information] Adding SAN entry: domain-name.com
    [information] Adding SAN entry: www.domain-name.com
    [information] letsencrypt-v2 Using 'https://acme-v02.api.letsencrypt.org' to generate certificate
    [information] letsencrypt-v2 Using existing account key
    [information] letsencrypt-v2 Starting certificate generation process for domains
    [information] letsencrypt-v2 Sending signed request to https://acme-v02.api.letsencrypt.org/acme/new-order
    [information] letsencrypt-v2 Requesting challenge for domain-name.com
    [information] letsencrypt-v2 Got challenge token for domain-name.com
    [information] letsencrypt-v2 Token for domain-name.com saved at /var/www/froxlor/.well-known/acme-challenge/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k and should be available at http://domain-name.com/.well-known/acme-challenge/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k
    [information] letsencrypt-v2 Sending request to challenge
    [information] letsencrypt-v2 Sending signed request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/803008408/k46kFQ
    [information] letsencrypt-v2 Verification pending, sleeping 1s
    [information] letsencrypt-v2 Verification pending, sleeping 1s
    [error] Could not get Let's Encrypt certificate for domain-name.com: Verification ended with error: {"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from http:\/\/domain-name.com\/.well-known\/acme-challenge\/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k [212.224.xxx.xxx]: \"<!DOCTYPE html>\\n<html lang=\\\"en-CA\\\" class=\\\"html_stretched responsive av-preloader-active av-preloader-enabled av-default-lightbox\"","status":403},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/803008408\/k46kFQ","token":"vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k","validationRecord":[{"url":"http:\/\/www.domain-name.com\/.well-known\/acme-challenge\/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k","hostname":"www.domain-name.com","port":"80","addressesResolved":["212.224.xxx.xxx"],"addressUsed":"212.224.xxx.xxx"},{"url":"http:\/\/domain-name.com\/.well-known\/acme-challenge\/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k","hostname":"domain-name.com","port":"80","addressesResolved":["212.224.xxx.xxx"],"addressUsed":"212.224.xxx.xxx"}]}
    [information] Let's Encrypt certificates have been updated

     

  4. 1 minute ago, d00p said:

    just "ls -la" to the mail account folder - they should all be there. Now depending on the email client, these folders might just not be subscribed to. Please refer to dovecot documentation, this has nothing to do with froxlor

    Folders are like the same  and the same size  but it is not showing while we copy files via rsync.  But while doing imapsync i  get exactly like the same.    

  5. Hi,

    Wile doing migration of email accounts from one froxlor server to another I have noting some thing.   Expecting some clarification on this.  As we all know emails are normally stored in the location "/var/customers/mail/user/domain.com/user/Maildir/" .   I create email accounts via froxlor panel and copy the email files directly via scp or rsync from old server to new.  The strange thing I have noticed is it is not coping custom folders and its emails like we have in source.  

    The solution I have found for this is to use imapsync between old and new.  imapsync is preserving custom folders like as it is in source.    Does it mean custom folder settings are stored somewhere else?  How we can preserve it and copy emails manually?

  6. Hi,

     

    I need to enable access log for froxlor.   In froxlor vhost config I cannot see access log enabled.  If I edit manually it is getting overwritten.  Below is my vhost config for froxlor.  let me know how to enable access log and error log for foxlor.

     

    <VirtualHost 192.168.73.40:443>
    DocumentRoot "/var/www/froxlor/"
    ServerName hostname.cm
    SSLEngine On
    SSLProtocol -ALL +TLSv1 +TLSv1.2
    SSLCompression Off
    SSLHonorCipherOrder On
    SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
    SSLVerifyDepth 10
    SSLCertificateFile /etc/apache2/ssl/*********.crt
    SSLCertificateKeyFile /etc/apache2/ssl/******.key
    SSLCACertificateFile /etc/apache2/ssl/*******CA.crt
    SSLCertificateChainFile /etc/apache2/ssl/******.crt
    </VirtualHost>

     

  7. Hi,

    My email was previously with gmail and it is configured in my Thunderbird mail client with mac.     I have now moved my domain and its mx to froxlor mx.  I have tired migrating old email to froxlor via thundirbird.  I could see it getting failed for some reason.  All emails are also not getting copied. 

    Finally I have managed to copy old emails manually to my server via scp.  I copied emails from local system location "/Users/nisa/Library/Mail/V4/5214C655-C856-4C64-A5B2-45B4FD5B11D4/INBOX.mbox/B07A31E1-A91B-4F22-9F5D-6DBBB760A094/Data/2/8/1/Messages/*"   to  "/var/customers/mail/nisa/domain.com/nisa/Maildir/.Sent/cur/"    copied sent folder likewise.  I could see emails good meanwhile I am unable to find the attachments.  Thunderbird stores attachments as files in different folder and I am unable to find the location where froxlor store its email attachments.

    My question is how froxlor manages the email attachments?  Is it treating each attachment as file names ? I have  froxlor + dovecot.    Let me know the location to which I have to copy my attachments ?

     

  8. Hi,

    I have also rebooted the server to make sure updated things loads good.  Still it is not working.   What you think is the cause ?  Bugs ??

     

    root@:~# uname -a
    Linux  3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux
    root@:~# cat /etc/issue
    Debian GNU/Linux 9 \n \l

     

  9. root@w03:/etc/apache2/sites-enabled# cat 35_froxlor_ssl_vhost_nisa.kaikaito.de.conf
    # 35_froxlor_ssl_vhost_nisa.kaikaito.de.conf
    # Created 06.11.2017 11:46
    # Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

    # Domain ID: 45 (SSL) - CustomerID: 13 - CustomerLogin: kaikaito
    <VirtualHost 192.168.73.56:443>
      ServerName nisa.kaikaito.de
      ServerAlias *.nisa.kaikaito.de
      ServerAdmin np@kaikaito.it
      SSLEngine On
      SSLProtocol -ALL +TLSv1 +TLSv1.2
     Protocols h2 http/1.1
      SSLCompression Off
      SSLHonorCipherOrder On
      SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
      SSLVerifyDepth 10
      SSLCertificateFile /etc/ssl/froxlor-custom/nisa.kaikaito.de.crt
      SSLCertificateKeyFile /etc/ssl/froxlor-custom/nisa.kaikaito.de.key
      SSLCertificateChainFile /etc/ssl/froxlor-custom/nisa.kaikaito.de_chain.pem
      <IfModule mod_headers.c>
        Header always set Strict-Transport-Security "max-age=31535995"
      </IfModule>
      DocumentRoot "/var/customers/webs/kaikaito/nisa/"
      FcgidIdleTimeout 30
      SuexecUserGroup "kaikaito" "kaikaito"
      <Directory "/var/customers/webs/kaikaito/nisa/">
        <FilesMatch "\.(php)$">
          SetHandler fcgid-script
          FcgidWrapper /var/www/php-fcgi-scripts/kaikaito/nisa.kaikaito.de/php-fcgi-starter .php
          Options +ExecCGI
        </FilesMatch>
        Require all granted
        AllowOverride All
      </Directory>
      Alias /webalizer "/var/customers/webs/kaikaito/webalizer"
      ErrorLog "/var/customers/logs/kaikaito-error.log"
      CustomLog "/var/customers/logs/kaikaito-access.log" combined
    </VirtualHost>

     

  10. Hi,

    Thx for the update.  I have enabled  http2 in forxlor as updated in the above steps.  See the screen shots.   I can also see "OCSP stapling" and "HSTS" .  Cool.

    But upon testing I could see the below error in apache.

    AH00526: Syntax error on line 12 of /etc/apache2/sites-enabled/35_froxlor_ssl_vhost_dumdum.conf:
    Invalid command 'Protocols', perhaps misspelled or defined by a module not included in the server configuration
    Action 'configtest' failed.

     

    https://www.shivering-isles.com/http-2-getting-ready-on-debian-with-apache2/

    I have then followed the above doc and enabled http2 in apache.  As i was using "Apache 2.4.10",  I have to update it to "Apache/2.4.29"  which is still in latest test release of Debian..

    But unfortunately I cannot still see http2 enabled On header testing.

     

    curl --http2 -I domain.com


    HTTP/1.1 200 OK
    Date: Thu, 02 Nov 2017 04:44:53 GMT
    Server: Apache/2.4.29 (Debian)
    Last-Modified: Thu, 02 Nov 2017 03:32:23 GMT
    ETag: "e-55cf7a2e85d40"
    Accept-Ranges: bytes
    Content-Length: 14
    Content-Type: text/html

    Can you please help me to fix this ?

     

    froxlor update.png

    new support.png

×
×
  • Create New...