SSL virtual hosts

princeofnaxos · December 28, 2018

After migrating from syscp, all SSL hosts have empty host files. A comment is there, saying "# no ssl-certificate was specified for this domain, therefore no explicit vhost is being generated".

Looking in lib/Froxlor/Cron/Http/Apache.php, I see that $domain['ssl_cert_file'] must be empty in order to get that message. But where in the domain form should I enter the certificate's filename? There is nothing under "Webserver SSL settings" that looks like that.

d00p · December 28, 2018

if Let's encrypt is used (and activated): wait for the cron,

if not, as customer, go to domains - you should see a lock-icon besides every ssl-enabled domain - click on that, you can enter certificate data there

princeofnaxos · December 28, 2018

There is no "lock" in the Domains list. Would explain why I don't find it ?

d00p · December 28, 2018

because this is the ADMIN view...I said "as customer"...

princeofnaxos · December 28, 2018

Hmm, we actually use froxlor only as admin, so I would expect it to be there as well. We don't know our customer's passwords...

princeofnaxos · December 28, 2018

I take that back. Misunderstood you, thought you meant I should login as the customer.

d00p · December 28, 2018

You can always SU to a customer as admin...

princeofnaxos · December 28, 2018

Japp, I already found it. But here, I have to paste the content of the cert, and not its path? That is not very handy, since we have a Let's Encrypt mechanism in place.

d00p · December 28, 2018

if you want Let's Encrypt - the use froxlor's let's encrypt integration rather then certbot or anything. You won't have to copy'n'paste anything as it's done automatically.

The reason for this behavior is, that the customer is able to set a certificate for his domain on his own because he does not have access to the server, nor should it be necessary that he knows the path to the certificate on the server.

princeofnaxos · December 28, 2018

So I enabled "Use Let's Encrypt" in the domain, but I don't see any certificate being created. Where are they stored? How can I monitor the process?

d00p · December 28, 2018

it's generated via CRONJOB - just give it a few minutes or trigger manually using

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug

The certificates are stored in froxlor's database and the configs-cronjob reads from there and generates the files and puts them into the corresponding folder specified in the settings.

princeofnaxos · December 28, 2018

chown: invalid user: ‘froxlorlocal:froxlorlocal’

[information] Updating Let's Encrypt certificates

PHP Notice: Undefined variable: cronlog in /var/www/froxlor.0-10/lib/Froxlor/Cron/Http/LetsEncrypt/LetsEncryptV2.php on line 164

PHP Fatal error: Uncaught Error: Call to a member function logAction() on null in /var/www/froxlor.0-10/lib/Froxlor/Cron/Http/LetsEncrypt/LetsEncryptV2.php:164

Stack trace:

#0 /var/www/froxlor.0-10/lib/Froxlor/Cron/Http/LetsEncrypt/LetsEncrypt.php(32): Froxlor\Cron\Http\LetsEncrypt\LetsEncryptV2::run()

#1 /var/www/froxlor.0-10/lib/Froxlor/Cron/MasterCron.php(101): Froxlor\Cron\Http\LetsEncrypt\LetsEncrypt::run()

#2 /var/www/froxlor.0-10/scripts/froxlor_master_cronjob.php(20): Froxlor\Cron\MasterCron::run()

#3 {main}

thrown in /var/www/froxlor.0-10/lib/Froxlor/Cron/Http/LetsEncrypt/LetsEncryptV2.php on line 164

princeofnaxos · December 28, 2018

Maybe the user is created on fresh install? At least it wasn't created for me. I now did it with 'useradd froxlorlocal'. Does it need a group as well?

d00p · December 28, 2018

Current git master is not for production use, it's development.

Also, your first line states that you did not configure the services correctly after adjusting settings.

d00p · December 28, 2018

Also I don't recommend ACMEv2, v1 works just fine

d00p · December 28, 2018

4 minutes ago, princeofnaxos said:

Maybe the user is created on fresh install? At least it wasn't created for me. I now did it with 'useradd froxlorlocal'. Does it need a group as well?

Configuration configuration configuration

princeofnaxos · December 28, 2018

I know it is not for production, but I expect you would know about things that don't work? I'm willing to help.

1 minute ago, d00p said:

Configuration configuration configuration

Jaja, schön, but I see nowhere that I need to create the user myself.

princeofnaxos · December 28, 2018

Same error with ACME v1:

PHP Fatal error: Uncaught Error: Call to a member function logAction() on null in /var/www/froxlor.0-10/lib/Froxlor/Cron/Http/LetsEncrypt/LetsEncrypt.php:166

d00p · December 28, 2018

7 minutes ago, princeofnaxos said:

Jaja, schön, but I see nowhere that I need to create the user myself.

Dann würde ich ja Mal unter Configuration -> Distro -> Other (system) gucken...z.b. PHP-FPM,

Für die anderen Fehler, ersetze $cronlog einfach mit \Froxlor\FroxlorLogger::getInstanceOf()

princeofnaxos · December 29, 2018

16 hours ago, d00p said:

Für die anderen Fehler, ersetze $cronlog einfach mit \Froxlor\FroxlorLogger::getInstanceOf()

I'm using git, so if I make changes, then I can't pull any longer. Better you update the master.

16 hours ago, d00p said:

Dann würde ich ja Mal unter Configuration -> Distro -> Other (system) gucken...z.b. PHP-FPM,

Trotzdem finde ich dass es dort nicht ganz klar ist, dass man diesen Nutzer/Gruppe selber anlegen muss. Oder mindestens eine Warnung wenn den nicht existiert. Man sieht ja den Output vom Cronjob nicht, wenn man nicht selber auf der Konsole das Skript ausführt.

d00p · December 29, 2018

13 minutes ago, princeofnaxos said:

I'm using git, so if I make changes, then I can't pull any longer. Better you update the master.

Wie wärs dann einfach mit einem PullRequest? Also wenn du helfen willst hilft das mehr - sonst muss ich es sowieso selber durchklicken und fixen

15 minutes ago, princeofnaxos said:

Trotzdem finde ich dass es dort nicht ganz klar ist, dass man diesen Nutzer/Gruppe selber anlegen muss. Oder mindestens eine Warnung wenn den nicht existiert. Man sieht ja den Output vom Cronjob nicht, wenn man nicht selber auf der Konsole das Skript ausführt.

Deswegen soll man auch nach der Installation ERST die Einstellungen anpassen und DANN soweit nötig ALLE Konifgurations-Schritte durchgehen - da ist alles drin was man braucht, so das man nichts vergisst und nichts noch manuell machen muss.

princeofnaxos · December 29, 2018

1 minute ago, d00p said:

Wie wärs dann einfach mit einem PullRequest? Also wenn du helfen willst hilft das mehr - sonst muss ich es sowieso selber durchklicken und fixen

Ja, ok, das ginge auch

d00p · December 29, 2018

Das hört man doch gern Und am allerbesten schauste einfach bei uns im IRC vorbei, da kann man Fragen und Probleme auch etwas schneller lösen

princeofnaxos · December 29, 2018

2 minutes ago, d00p said:

da ist alles drin was man braucht, so das man nichts vergisst und nichts noch manuell machen muss.

Wo steht dann 'useradd froxlorlocal'? Ich finde es nicht (weil ich alle Konfiguration-Schritte durchgegangen bin)

d00p · December 29, 2018

Configuration -> Distro wählen -> Other (System) -> PHP-FPM

[...]
groupadd -f froxlorlocal
useradd -s /bin/false -g froxlorlocal froxlorlocal
[...]

d00p · December 29, 2018

Das steht da halt nicht, wenn es den user schon gibt...macht ja keinen sinn einen anzulegen den es schon gibt

Sign In

SSL virtual hosts

Question

princeofnaxos

27 answers to this question

Recommended Posts

d00p

princeofnaxos

d00p

princeofnaxos

princeofnaxos

d00p

princeofnaxos

d00p

princeofnaxos

d00p

princeofnaxos

princeofnaxos

d00p

d00p

d00p

princeofnaxos

princeofnaxos

d00p

princeofnaxos

d00p

princeofnaxos

d00p

princeofnaxos

d00p

d00p

Archived

Similar Content

Browse

Activity