Jump to content
Froxlor Forum
  • 0

Configuration Woes


w6g

Question

Hi!

 

Recently, I upgraded from 0.9.34.2 to 0.9.37. Trying to get Let's Encrypt working, I am experiencing some basic strangenesses which I don't understand and which I need help with.

 

Let's begin here:

 

  • I am trying to enable debug logs in order to see what is happening. I set the debug level to "paranoid" (only options available are "paranoid" and "normal"), having all log destinations activated. Logs get written, but I don't get the "debug" entries, Only "information", "notice", "error". The parameter "logger.severity" in panel_settings is set to 2.
  • In the log entries I have an error message from a cron job that the ssl_cert_file cannot be found. The setting I have entered into "Settings/SSL Settings/Path to the SSL certificate" is the correct one; but the error message logs a different file name. The database entry in panel_settings "system.ssl_cert_file" is the correct one, too. Nevertheless, the cron job tries to read a different file.

How should I go on from here?

 

w6g

Link to comment
Share on other sites

5 answers to this question

Recommended Posts

Well, no and yes.

 

I did not mix up the SSL Certificates we are talking about now with Let's Encrypt. LE ist still off, and I did not expect anything from LE (yet).

 

What I did learn is that there is not only

  • Settings / SSL Settings / Path to the SSL Certificate

but also

  • IP and Ports / x.x.x.x:443 / Path to the Certificate

and the latter one had the faulty setting.

 

Thanks you for your help -- where can I learn about which setting is for what? Is there anything I should read up?

 

w6g

Link to comment
Share on other sites

You've mixed a few things:

 

/usr/local/etc/ssl/somehost.example.org-cert.pem seems to be the certificate you have specified in your settings / ip-port. This is NO Let's Encrypt certificate and is not being autogenerated. But it is needed for the domain ssl-vhosts to be at least a self-signed certificate. For Let's Encrypt certificates per domain you'd just need to check the "Use Let's Encrypt" checkbox when editing the domain

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...