[Letsencrypt SSL renewal getting failed]

I have followed the above procedure and it worked.   Thx.  Everything was working good till last froxlor update.    Was there some bugs which has caused this problem? 

[Letsencrypt SSL renewal getting failed]

Hi,

We have noticed letsencrypt crons getting failed with the below message.  Current froxlor version  is 0.10.25.  I have replaced actual domain with domain.com.  All our domains SSL update are getting failed.

[error] Could not find certificate-folder '/root/.acme.sh/domain.com/'
[error] Could not get Let's Encrypt certificate for domain.com:

[Blank page issue with froxlor version 0.10.18]

Hi, Recently i have updated froxlor version running on my debian 8  php 5.6  to latest one.  I have changed default froxlor php to 7.3.   Current froxlor version is "0.10.18"(DB: 202005150).  See the attached screen shot.    I could see the below error in apache logs for froxlor and it is loading blank. mod_fcgid: stderr: PHP Parse error: syntax error, unexpected '?' in /var/www/froxlor/index.php on line 485 Has some one had the same issue after upgrade?

[Error after upgrade]

Downgraded to old version of froxlor and problem solved.

[Error after upgrade]

Hi,

 

I am getting blank page while trying to enable letsencrypt ssl for a domain  via front end.   While checking the apache logs I could see the below error in logs. 

 PHP Parse error:  syntax error, unexpected '?' in /var/www/html/lib/Froxlor/Api/Commands/Customers.php on line 254, referer: http://froxlor.domain.com/admin_domains.php?s=a81a2a55d99e78e34d884130caea6c7b&page=domains&action=edit&id=12

 

[letsencrypt getting failed under NAT]

Hi,

Problem is solved.   Acme conf was found causing the problem.   Fixed that

 

/etc/apache2/conf-enabled/acme.conf

Alias "/.well-known/acme-challenge" "/var/www/froxlor/.well-known/acme-challenge"
<Directory "/var/www/froxlor/.well-known/acme-challenge">
Require all granted
</Directory>

[letsencrypt getting failed under NAT]

Hi,

Our froxlor server is behiend NAT and it uses the local IP  192.168.73.40.  We have enabled letsencrypt module in froxlor and tried validating SSL for a domain in the server.  SSL generation is getting failed with 403 error.  See the debug log information.      Replaced domain name and main IP.    Can any one help me regarding the issue.

 

[information] Updating Let's Encrypt certificates
[information] Updating domain-name.com
[information] Adding SAN entry: domain-name.com
[information] Adding SAN entry: www.domain-name.com
[information] letsencrypt-v2 Using 'https://acme-v02.api.letsencrypt.org' to generate certificate
[information] letsencrypt-v2 Using existing account key
[information] letsencrypt-v2 Starting certificate generation process for domains
[information] letsencrypt-v2 Sending signed request to https://acme-v02.api.letsencrypt.org/acme/new-order
[information] letsencrypt-v2 Requesting challenge for domain-name.com
[information] letsencrypt-v2 Got challenge token for domain-name.com
[information] letsencrypt-v2 Token for domain-name.com saved at /var/www/froxlor/.well-known/acme-challenge/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k and should be available at http://domain-name.com/.well-known/acme-challenge/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k
[information] letsencrypt-v2 Sending request to challenge
[information] letsencrypt-v2 Sending signed request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/803008408/k46kFQ
[information] letsencrypt-v2 Verification pending, sleeping 1s
[information] letsencrypt-v2 Verification pending, sleeping 1s
[error] Could not get Let's Encrypt certificate for domain-name.com: Verification ended with error: {"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Invalid response from http:\/\/domain-name.com\/.well-known\/acme-challenge\/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k [212.224.xxx.xxx]: \"<!DOCTYPE html>\\n<html lang=\\\"en-CA\\\" class=\\\"html_stretched responsive av-preloader-active av-preloader-enabled av-default-lightbox\"","status":403},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/803008408\/k46kFQ","token":"vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k","validationRecord":[{"url":"http:\/\/www.domain-name.com\/.well-known\/acme-challenge\/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k","hostname":"www.domain-name.com","port":"80","addressesResolved":["212.224.xxx.xxx"],"addressUsed":"212.224.xxx.xxx"},{"url":"http:\/\/domain-name.com\/.well-known\/acme-challenge\/vkTyLi2ApfP9O9ou8GyDz6WQmB--HP4ULnU0fhjXI0k","hostname":"domain-name.com","port":"80","addressesResolved":["212.224.xxx.xxx"],"addressUsed":"212.224.xxx.xxx"}]}
[information] Let's Encrypt certificates have been updated

 

[Custom folder where email folders are stored]

1 minute ago, d00p said:

just "ls -la" to the mail account folder - they should all be there. Now depending on the email client, these folders might just not be subscribed to. Please refer to dovecot documentation, this has nothing to do with froxlor

Folders are like the same  and the same size  but it is not showing while we copy files via rsync.  But while doing imapsync i  get exactly like the same.    

[Custom folder where email folders are stored]

>>Did you maybe copy accounts from a courier based to a dovecot server?

Both are dovecot.   Then where did the custom folder settings saved for the mail account?

[Custom folder where email folders are stored]

Hi,

Wile doing migration of email accounts from one froxlor server to another I have noting some thing.   Expecting some clarification on this.  As we all know emails are normally stored in the location "/var/customers/mail/user/domain.com/user/Maildir/" .   I create email accounts via froxlor panel and copy the email files directly via scp or rsync from old server to new.  The strange thing I have noticed is it is not coping custom folders and its emails like we have in source.  

The solution I have found for this is to use imapsync between old and new.  imapsync is preserving custom folders like as it is in source.    Does it mean custom folder settings are stored somewhere else?  How we can preserve it and copy emails manually?

[Enable froxlor access log]

Hi,

 

Thx for the update.   I have configured the following.

 

ErrorLog "/var/log/apache2/error.log"
CustomLog "/var/log/apache2/access.log" combined

 

 

[Enable froxlor access log]

Hi,

 

I need to enable access log for froxlor.   In froxlor vhost config I cannot see access log enabled.  If I edit manually it is getting overwritten.  Below is my vhost config for froxlor.  let me know how to enable access log and error log for foxlor.

 

<VirtualHost 192.168.73.40:443>
DocumentRoot "/var/www/froxlor/"
ServerName hostname.cm
SSLEngine On
SSLProtocol -ALL +TLSv1 +TLSv1.2
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
SSLVerifyDepth 10
SSLCertificateFile /etc/apache2/ssl/*********.crt
SSLCertificateKeyFile /etc/apache2/ssl/******.key
SSLCACertificateFile /etc/apache2/ssl/*******CA.crt
SSLCertificateChainFile /etc/apache2/ssl/******.crt
</VirtualHost>

 

[Email attachment storage location]

Hi,

I am aware emails have nothing to do with froxlor,  I just wanted to know if email and attachments are saved differently or both in single file ? 

 

Do you think if there is some work around to copy the attachments and make it working ?

[Email attachment storage location]

Hi,

My email was previously with gmail and it is configured in my Thunderbird mail client with mac.     I have now moved my domain and its mx to froxlor mx.  I have tired migrating old email to froxlor via thundirbird.  I could see it getting failed for some reason.  All emails are also not getting copied. 

Finally I have managed to copy old emails manually to my server via scp.  I copied emails from local system location "/Users/nisa/Library/Mail/V4/5214C655-C856-4C64-A5B2-45B4FD5B11D4/INBOX.mbox/B07A31E1-A91B-4F22-9F5D-6DBBB760A094/Data/2/8/1/Messages/*"   to  "/var/customers/mail/nisa/domain.com/nisa/Maildir/.Sent/cur/"    copied sent folder likewise.  I could see emails good meanwhile I am unable to find the attachments.  Thunderbird stores attachments as files in different folder and I am unable to find the location where froxlor store its email attachments.

My question is how froxlor manages the email attachments?  Is it treating each attachment as file names ? I have  froxlor + dovecot.    Let me know the location to which I have to copy my attachments ?

 

[froxlor in Ubuntu 16]

Hi,

I have met with two issues on it.

1.  FCGI users not getting configured as needed.

2.  FCGi user error on newly created vhosts

Can you please let me know if there is some docs for the same.

[froxlor in Ubuntu 16]

Hi,

Is Ubuntu16 compatible with froxlor.  I have tried the same.  FCGI getting failed.  I am unable to find documentation for the same in "Configuration"  inside froxlor. 

[Enabling HTTP/2 support in froxlor]

Hi,

I have also rebooted the server to make sure updated things loads good.  Still it is not working.   What you think is the cause ?  Bugs ??

 

root@:~# uname -a
Linux  3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64 GNU/Linux
root@:~# cat /etc/issue
Debian GNU/Linux 9 \n \l

 

[Enabling HTTP/2 support in froxlor]

updated Open ssl version to latest.  Still it is like the same

 

openssl version
OpenSSL 1.1.0f  25 May 2017

[Enabling HTTP/2 support in froxlor]

 

 

 openssl version
OpenSSL 1.0.1t  3 May 2016 (Library: OpenSSL 1.0.2l  25 May 2017)

 

[Enabling HTTP/2 support in froxlor]

apache2ctl -M | grep "http2"
 http2_module (shared)

 

[Enabling HTTP/2 support in froxlor]

root@w03:/etc/apache2/sites-enabled# cat 35_froxlor_ssl_vhost_nisa.kaikaito.de.conf
# 35_froxlor_ssl_vhost_nisa.kaikaito.de.conf
# Created 06.11.2017 11:46
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 45 (SSL) - CustomerID: 13 - CustomerLogin: kaikaito
<VirtualHost 192.168.73.56:443>
  ServerName nisa.kaikaito.de
  ServerAlias *.nisa.kaikaito.de
  ServerAdmin np@kaikaito.it
  SSLEngine On
  SSLProtocol -ALL +TLSv1 +TLSv1.2
 Protocols h2 http/1.1
  SSLCompression Off
  SSLHonorCipherOrder On
  SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
  SSLVerifyDepth 10
  SSLCertificateFile /etc/ssl/froxlor-custom/nisa.kaikaito.de.crt
  SSLCertificateKeyFile /etc/ssl/froxlor-custom/nisa.kaikaito.de.key
  SSLCertificateChainFile /etc/ssl/froxlor-custom/nisa.kaikaito.de_chain.pem
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=31535995"
  </IfModule>
  DocumentRoot "/var/customers/webs/kaikaito/nisa/"
  FcgidIdleTimeout 30
  SuexecUserGroup "kaikaito" "kaikaito"
  <Directory "/var/customers/webs/kaikaito/nisa/">
    <FilesMatch "\.(php)$">
      SetHandler fcgid-script
      FcgidWrapper /var/www/php-fcgi-scripts/kaikaito/nisa.kaikaito.de/php-fcgi-starter .php
      Options +ExecCGI
    </FilesMatch>
    Require all granted
    AllowOverride All
  </Directory>
  Alias /webalizer "/var/customers/webs/kaikaito/webalizer"
  ErrorLog "/var/customers/logs/kaikaito-error.log"
  CustomLog "/var/customers/logs/kaikaito-access.log" combined
</VirtualHost>

 

[Enabling HTTP/2 support in froxlor]

Hi,

I have tested it and it is showing not supported result

 

 

[Enabling HTTP/2 support in froxlor]

Hi,

Thx for the update.  I have enabled  http2 in forxlor as updated in the above steps.  See the screen shots.   I can also see "OCSP stapling" and "HSTS" .  Cool.

But upon testing I could see the below error in apache.

AH00526: Syntax error on line 12 of /etc/apache2/sites-enabled/35_froxlor_ssl_vhost_dumdum.conf:
Invalid command 'Protocols', perhaps misspelled or defined by a module not included in the server configuration
Action 'configtest' failed.

 

https://www.shivering-isles.com/http-2-getting-ready-on-debian-with-apache2/

I have then followed the above doc and enabled http2 in apache.  As i was using "Apache 2.4.10",  I have to update it to "Apache/2.4.29"  which is still in latest test release of Debian..

But unfortunately I cannot still see http2 enabled On header testing.

 

curl --http2 -I domain.com

HTTP/1.1 200 OK
Date: Thu, 02 Nov 2017 04:44:53 GMT
Server: Apache/2.4.29 (Debian)
Last-Modified: Thu, 02 Nov 2017 03:32:23 GMT
ETag: "e-55cf7a2e85d40"
Accept-Ranges: bytes
Content-Length: 14
Content-Type: text/html

Can you please help me to fix this ?

 

[Enabling HTTP/2 support in froxlor]

Hi,

Does it mean we have to update the current froxlor version ?  it will automatically get updated?   What is the procedure to get updated ?

[Enabling HTTP/2 support in froxlor]

Hi,

We wish to enable HTTP/2 support in our forxlor server which is currently running apache server version "Server version: Apache/2.4.10 (Debian)".    Debian GNU/Linux 8 \n \l

https://http2.pro/doc/Apache

Has any one tried to enable the same in forxlor ?  We are running shared hosting.  Look forward to have detailed update.