Jump to content
Froxlor Forum
  • 0
catchiller

Let's Encrypt fullchain abspeichern

Question

Hallo Froxlor Team,

 

wäre es möglich, dass ihr im nächsten Release auch die fullchain.pem von Let's Encrypt abspeichert?

 

Somit könnte man diese auch ohne die Chainfiles direkt in Programme wie dovecot und postfix einbinden. Soweit ich weiß erlaubt dovecot sogar ausschließlich fullchains

 

Vielen Dank

Share this post


Link to post
Share on other sites

9 answers to this question

Recommended Posts

  • 0

Bugtracker -> Feature Request...für 0.9.35 aber nicht mehr, sry

Share this post


Link to post
Share on other sites
  • 0

Hallo,

 

habe das selbe Problem mit dovecot, dass ich die fullchain brauche.

Konnte im Bugtracker keinen Eintrag zu "fullchain" finden. Gibt es dazu etwas Neues?

Nutze aktuell Version 0.9.36. 

 

Vielen Dank!

Share this post


Link to post
Share on other sites
  • 0

Froxlor generiert halt im grunde die LE certs für WEB-Gebraucht, nicht für Dovecot od. Postfix. Aktuell gibt es hier noch keine Änderungen (stand 0.9.36). Wenn es dazu ein Feature-Request gibt schauen wir uns das gerne an, hat ich ja auch schonmal gesagt (https://forum.froxlor.org/index.php/topic/13344-lets-encrypt-fullchain-abspeichern/#entry31709)

Share this post


Link to post
Share on other sites
  • 0

gibts seit november 2017 hier

https://github.com/Froxlor/Froxlor/commit/6d32898e94d2d6f251acc5a1d52eb5e9766aa93a

 

habs selber aber nicht getestet

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By d00p
      Dear Froxlor Community,
      I am proud to finally release the stable version of a new API based froxlor. Due to massive internal improvements and changes in the core (almost 600 commits since 0.9.40.1) users are now able to list/create/edit/delete resources and entities of froxlor via API (requires activation of api-usage in the settings and a user based API-key). The froxlor frontend itself uses the API backend too.
      Froxlor now uses composer to include some of its requirements like phpMailer, Logger, IdnaConvert and TwoFactorAuth libraries. All required files will be included in the official tarball so you do not need to worry about installing and using composer (only if you are using / testing the git-master, see https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-from-git-sources).
      Most important changes:
      froxlor now requires at least php-7.0 or newer, php-5.6 is no longer supported because of its EOL almost a year ago you can access data via API, for more information see https://api.froxlor.org/doc/. An example can be found here: https://github.com/Froxlor/Froxlor/tree/master/doc/example PHPUnit tested API backend with MySQL 5.6, 5.7 and 8 as well as MariaDB 10.3 and 10.4, see https://travis-ci.com/Froxlor/Froxlor compatibility for MySQL8 2FA (two-factor-authentication) for admins/resellers/customers (email or authenticator app) all froxlor-database tables will automatically be converted to the InnoDB engine added support for Debian 10 (buster) and Ubuntu 18.04 (bionic beaver) implemented Let's Encrypt via acme.sh - Note: all your current Let's Encrypt certificates will be removed and re-created due to another structure customizable error/access log handling for webserver (format, level, pipe-to-script, etc.) deprecated Debian 7 (wheezy) and Ubuntu 14.04 (trusty tahr) support dropped support for Ubuntu 12.04 (precise pangolin) dropped ticketsystem Changes in 0.10.1:
      allow/disallow API access on a per-customer base new API parameters for Admins.add(), Admins.update(), Customers.add() and Customers.update() bool $api_allowed (default: false for Customers, true for Admins) add explicit tlsv1.3 ciphersuite setting fixed wrong behaviour in Ftps.add() if customer is newly created and setting customer.ftpatdomain is true added expiration date to SSL certificates loaded via API request fixed wrong return in Certificates.get() if given domain does not have a certificate allow setting http2 flag for (sub)domains in customer view, fixes #725 Changes in 0.10.2:
      force Let's Encrypt ACMEv2 API, fixed #728 added default-ssl-vhost settings and optionally allow including of non-ssl default-vhost settings, fixes #727 new API parameters for Domains.add() and Domains.update() string $ssl_specialsettings bool $include_specialsettings bool $dont_use_default_ssl_ipandport_if_empty removed API parameters in Domains.add() bool $use_default_ssl_ipandport_if_empty new API parameters for IpsAndPorts.add() and IpsAndPorts.update() string $ssl_specialsettings bool $include_specialsettings string $ssl_default_vhostconf_domain bool $include_default_vhostconf_domain implemented DomainZones.listing() to return custom stored dns entries fix registration and termination date to flip between empty-value and 0000-00-00 Changes in 0.10.3:
      fallback to /tmp/froxlor.log if file-log is activated but no file given or not writeable; fixes #737 added tls-settings per domain for admins with change_serversettings-flag set; fixes #519 new API parameter for Domains.add() and Domains.update() bool $override_tls (default: false) array $ssl_protocols string $ssl_cipher_list string $tlsv13_cipher_list preserve downward compatibility for 0.10.1 updaters regarding specialsettings for ssl-enabled domains; fixes #739 Changes in 0.10.4:
      added support for CIDR/netmask in mysql-access-hosts; fixes #564 fixed invalid handling of escape-sequences in api-endpoint, fixes #746 fixed an issue with adding the default ftp user for new customer when added by admin/reseller with no ftp-resources; fixes #741 fixed nginx configuration issue with fastcgi_split_path_info option; fixes #744 Changes in 0.10.5:
      bugfix release due to errors in Let's Encrypt re-new check; fixes #747 Changes in 0.10.6:
      introducing new API parameters sql_search, sql_limit, sql_offset, sql_orderby for almost all listing() calls introducing new API method listingCount() for almost all modules to return the total number of entities available changed behavior of SubDomains.listing() to return all fields from the domain table instead of the limited ones for customers when called as admin added new API module SysLog to query froxlor logs according to permission optimized panel_admins and panel_customers table to avoid mysql/mariadb warning: Row size too large (> 8126); fixes #752 corrected update of hosting plans via interface; fixes #753 implemented API method EmailForwarders.listing(); fixes #754 fixed parameters defaults for Domains.update() parameters ssl_ipandports and add new parameter (see below); fixes #756 new API parameters for Domains.update() bool $remove_ssl_ipandport Changes in 0.10.7:
      corrected behavior when changing mysql-access-host values; fixes #758 fix UI error "API keys not accessable due to missing Paging-class" fix trauncating of SysLog using SysLog.delete() corrected UI issue of incorrect listing of domains for customers and admin, fixes #759 corrected ordering of listings in UI regarding pagination added new settings to set default value of domain-edit-settings 'Apply specialsettings to all subdomains' and 'Apply php-config to all subdomains' corrected vhost-merging of specialsettings in nginx; fixes #757 Changes in 0.10.8:
      fix duplicate domain entries in customer-domain-list when domain has aliases fix searching for alias-domains by link in customer_domains use correct apiendpoint for lets encrypt; pass debug-flag onto acme.sh; fixes #762 fix removing of ssl-ip-relation to domain if no ssl-ip is selected via interface Debian package: Move mysql server dependency to redommends; fixes #761 Changes in 0.10.9:
      fix SQL error when searching for certificates by domainname, fixes #764 fix ordering of listings when natural sorting is activated, fixes #765 check for valid result when reading database usage from information_schema; fixes #766 Download: 0.10.9

      Note: Debian/Ubuntu packages are available as of 21th of October 2019 - Note that there are no packages for oldoldstable (jessie) anymore
      Attention: The auto-update feature is currently not working correctly for updaters from 0.9.x due to the archive taking a bit longer to extract and froxlor trying to redirect too soon thus leading to an internal server error. A quick reload does "fix" the problem. To avoid that please use the manual update options, see https://github.com/Froxlor/Froxlor/wiki

      Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.freenode.net for support, help, participation or just a chat

      Thank you,
      d00p
    • By ZARk
      Hello

      I can't renew certs (or create new certs) since the 0.10 upgrade. was working fine before on 0.9

      I'm basically getting the same output everytime i run this command.
       
      xander /var/www/froxlor # /usr/bin/php7.3 -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug [information] Requesting/renewing Let's Encrypt certificates [information] Creating certificate for Westecheurope.eu [information] Adding SAN entry: Westecheurope.eu [information] Adding SAN entry: www.Westecheurope.eu [Mon 4 Nov 11:23:46 CET 2019] It is recommended to install socat first. [Mon 4 Nov 11:23:46 CET 2019] We use socat for standalone server if you use standalone mode. [Mon 4 Nov 11:23:46 CET 2019] If you don't use standalone mode, just ignore this warning. [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Mon 4 Nov 11:23:45 CET 2019] Installing from online archive. [Mon 4 Nov 11:23:45 CET 2019] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz [Mon 4 Nov 11:23:46 CET 2019] Extracting master.tar.gz [Mon 4 Nov 11:23:46 CET 2019] Installing to /root/.acme.sh [Mon 4 Nov 11:23:46 CET 2019] Installed to /root/.acme.sh/acme.sh [Mon 4 Nov 11:23:46 CET 2019] Good, bash is found, so change the shebang to use bash as preferred. [Mon 4 Nov 11:23:47 CET 2019] OK [Mon 4 Nov 11:23:47 CET 2019] Install success! [Mon 4 Nov 11:23:47 CET 2019] Upgrade success! [Mon 4 Nov 11:23:47 CET 2019] Removing cron job [Mon 4 Nov 11:23:52 CET 2019] get to authz error. [Mon 4 Nov 11:23:52 CET 2019] _authorizations_map='www.westecheurope.eu,{"identifier":{"type":"dns","value":"www.westecheurope.eu"},"status":"pending","expires":"2019-11-07T18:17:12Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077162/e3Lmew","token":"H07E0jvAJ-vnQ4jirnVIxqLeRxDwQ_VC6PQ0RAJgEvU"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077162/rs0T6w","token":"H07E0jvAJ-vnQ4jirnVIxqLeRxDwQ_VC6PQ0RAJgEvU"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077162/ZPjfSg","token":"H07E0jvAJ-vnQ4jirnVIxqLeRxDwQ_VC6PQ0RAJgEvU"}]} westecheurope.eu,{"identifier":{"type":"dns","value":"westecheurope.eu"},"status":"pending","expires":"2019-11-07T18:17:12Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077160/hOWGhQ","token":"Bd7XDicTn8dtJBIYc9Eod2d7eOxZGba42pnnl5aCNyI"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077160/nj7_Ow","token":"Bd7XDicTn8dtJBIYc9Eod2d7eOxZGba42pnnl5aCNyI"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077160/v7Bc7A","token":"Bd7XDicTn8dtJBIYc9Eod2d7eOxZGba42pnnl5aCNyI"}]} ' [Mon 4 Nov 11:23:52 CET 2019] Please add '--debug' or '--log' to check more details. [Mon 4 Nov 11:23:52 CET 2019] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh [debug] [Mon 4 Nov 11:23:48 CET 2019] Creating domain key [Mon 4 Nov 11:23:49 CET 2019] The domain key is here: /root/.acme.sh/Westecheurope.eu/Westecheurope.eu.key [Mon 4 Nov 11:23:49 CET 2019] Multi domain='DNS:Westecheurope.eu,DNS:www.Westecheurope.eu' [Mon 4 Nov 11:23:50 CET 2019] Getting domain auth token for each domain [Mon 4 Nov 11:23:52 CET 2019] Getting webroot for domain='Westecheurope.eu' [error] Could not get Let's Encrypt certificate for Westecheurope.eu: [Mon 4 Nov 11:23:48 CET 2019] Creating domain key [Mon 4 Nov 11:23:49 CET 2019] The domain key is here: /root/.acme.sh/Westecheurope.eu/Westecheurope.eu.key [Mon 4 Nov 11:23:49 CET 2019] Multi domain='DNS:Westecheurope.eu,DNS:www.Westecheurope.eu' [Mon 4 Nov 11:23:50 CET 2019] Getting domain auth token for each domain [Mon 4 Nov 11:23:52 CET 2019] Getting webroot for domain='Westecheurope.eu' [information] No new certificates or certificates due for renewal found [notice] Checking system's last guid  
    • By thunfischbaum
      Hi everyone,
      just a little problem here. I have severa domains registered on my froxlor installation and a different hostname of course. So let's say domain1.de is my hostname. The second domain, which is used by a customer is called domain2.de . When I view the mail.log I am not able to find my connection request. I do only see the bruteforce bots with example@domain1.de connecting. But any example@domain2.de request is not getting forwareded. I did configure the installation accordingdly with the provided templates.
      Best regards,
      thunfischbaum
    • By thunfischbaum
      Hi everyone,
      I'm running a Debian 10 Buster Server with PHP7.3 installed. The PHP7.3 update is the new component in the system. since then, I can't find any Mailboxes. There are no folders in the var/customers/mail/[customer] directory.
      If you take look at the Screenshot, you see, that the E-Mail adress is existent in Froxlor. 

      Mail Bounce
      Mail Log
       
      If I missed a log, please let me know, so I can attach it
      Best regards,
      thunfischbaum

×
×
  • Create New...